Senior Threat Intelligence Analyst

About Us: We are the tech company with people at heart. At Advania, we believe in empowering people to create sustainable value through the clever use of technology. As one of Microsoft's leading partners in the UK, specialising in Azure, Security, Dynamics 365, and Microsoft 365, we have a proven track record of success in delivering transformational IT services.

Position Overview: As a Senior Cyber Threat Intelligence Analyst, you will be responsible for the day-to-day delivery of Cyber Threat Intelligence to clients spanning multiple industries, as well as leadership and coaching of junior analysts, and ongoing development of our service. This is a hands-on role and requires both a broad technical knowledge of Cyber Security and specific, focused knowledge of CTI tools and processes. Knowledge and/or experience of modern IT systems, particularly Microsoft solutions and network infrastructure, is advantageous.

Responsibilities:
* Proactively research and analyse emerging cyber threats, malware variants, and attacker Tactics, Techniques, and Procedures (TTPs) from various open and closed sources, including threat intelligence feeds, dark web monitoring, and open-source reporting.
* Develop and maintain comprehensive threat intelligence reports and briefings tailored for technical and non-technical audiences, translating complex information into actionable insights for informed decision-making.
* Lead or participate in incident response activities, including investigation, analysis of evidence, and collaboration with other teams like IT operations and forensics.
* Conduct advanced threat hunting to proactively identify hidden threats within the organisation's network, utilising advanced tools and techniques.
* Participate in vulnerability management activities, collaborating with the vulnerability management team to prioritise and remediate critical vulnerabilities identified through intelligence gathering and risk assessments.
* Contribute to the development and implementation of comprehensive security policies and procedures to strengthen the organisation's overall cyber defence posture.
* Stay up to date with the latest cyber security trends and developments through continuous learning and participation in industry conferences and training programs.
* Mentor and support junior cyber security analysts within the team.
* Analyse large volumes of complex data from security tools, logs, and incident reports to identify potential threats and assess their risk level.

Professional Experience:
* Demonstrable understanding of the Cybersecurity Ecosystem and Infrastructure Technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS).
* Experience in secured cloud architectures (Azure, AWS, or similar) and engineering solutions.
* An understanding of operating systems and their programming interfaces such as UNIX Shell and PowerShell.
* Experience with scripting languages (Python, Bash) and familiarity with APIs beneficial.
* An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS.
* Experience leading teams and providing deputy support to Management.
* Experience designing a service, reviewing effectiveness of services, procurement, or business project work.

Qualifications:
* One or more of the following industry certifications: SANS301/SANS401/FOR578, Crest CRTIA/CCTIM, Security+, or similar.
* Ideally a BSc or MSc in Cyber Security, preferably including modules on Ethical Hacking, Digital Forensics, Information Security or Threat Intelligence.

Please note you need to be eligible to undergo the Security Clearance process for this position. This means you will need to be a British national with 5 years residency in the UK.

Our Selection Process: We are committed to ensuring an equitable experience for all candidates, regardless of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law. Please do let us know if you'll need any reasonable adjustments as part of the selection process by highlighting these on your application form.
Apr 17, 2024
Full time
LA International Computer Consultants Ltd
Hereford, Herefordshire
DV Cleared
Onsite in Hereford
Duration: 6 months initially
Market Rates via Umbrella

Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team.

Tasks:
* Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration.
* Manage system/server resources including performance, capacity, availability, serviceability, and recoverability.
* Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability.
* Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave.
* Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources.
* Implement data management standards, requirements, and specifications.
* Develop data standards, policies, and procedures.
* Analyse data sources to provide actionable recommendations and facilitate data-gathering methods.
* To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team.

Knowledge:
* Knowledge of big data technologies and ecosystems (eg, NiFi).
* Knowledge of current market and emerging leaders in data analytical and SIEM platforms.
* Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network.
* Knowledge of intrusion detection systems and signature development.
* Knowledge of Front End collection systems, including network traffic collection, filtering, and selection.
* Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems.
* Knowledge of cyber defence and information security policies, procedures and regulations.
* Knowledge of network security architecture concepts including topology, protocols, components and principles.

Skills/Experience:
* Previous experience of Enterprise ICS/network architectures and technologies.
* Working with frameworks and technologies that support data-intensive distributed applications.
* Experience maintaining and administrating data analytical and SIEM platforms.
* Experience using host and network-based IDS/IPS. Experience using packet capture solutions.
* Skill in developing and deploying signatures.
* Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
* Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach).

Desirable Qualifications/Certifications:
* Red Hat System Administration I & II (RH124/RH134).
* Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp.
* Certified engineer in a market leading data analysis/SIEM platform.
* SANS SEC501 Advanced Security Essentials Enterprise Defender.
* SANS SEC 511 Continuous Monitoring & Security Operations.
* SANS SEC555: SIEM with Tactical Analytics

Available locations:
* Hereford
* Northallerton
* Corsham
* Portsmouth

Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks.

LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies. LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.

Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queen's Award for Enterprise: International Trade, for the second consecutive period.
Apr 17, 2024
Contractor
Cyber Defence Engineer
Location: Full Time onsite in Hereford
Duration: 6 Months

Role Description: Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team.

Tasks:
* Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration.
* Manage system/server resources including performance, capacity, availability, serviceability, and recoverability.
* Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability.
* Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave.
* Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources.
* Implement data management standards, requirements, and specifications.
* Develop data standards, policies, and procedures.
* Analyse data sources to provide actionable recommendations and facilitate data-gathering methods.
* To share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team.

Knowledge:
* Knowledge of big data technologies and ecosystems (e.g., NiFi).
* Knowledge of current market and emerging leaders in data analytical and SIEM platforms.
* Knowledge of network security implementations (e.g., host-based IDS, IPS), including their function and placement in a network.
* Knowledge of intrusion detection systems and signature development.
* Knowledge of front-end collection systems, including network traffic collection, filtering, and selection.
* Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems.
* Knowledge of cyber defence and information security policies, procedures and regulations.
* Knowledge of network security architecture concepts including topology, protocols, components and principles.

Skills/Experience:
* Previous experience of Enterprise ICS/network architectures and technologies.
* Working with frameworks and technologies that support data-intensive distributed applications.
* Experience maintaining and administrating data analytical and SIEM platforms.
* Experience using host and network-based IDS/IPS.
* Experience using packet capture solutions.
* Skill in developing and deploying signatures.
* Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
* Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach).

Desirable Qualifications/Certifications:
* Red Hat System Administration I & II (RH124/RH134).
* Baseline Cyber Courses, e.g. Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp.
* Certified engineer in a market leading data analysis/SIEM platform.
* SANS SEC501 Advanced Security Essentials Enterprise Defender.
* SANS SEC 511 Continuous Monitoring & Security Operations.
* SANS SEC555: SIEM with Tactical Analytics

Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
Apr 17, 2024
Full time
At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement, we're a customer-obsessed market powerhouse. And we all work together to be brilliant for customers, every single day.

We're evolving, to be a more digitally-focused data-driven insurance company of the future - and your unique talent, skills and ideas can drive our success. Like us, you thrive on collaboration, exploration and innovation. And like you, we take tech seriously. That's why we're embracing the move to a more digital, flexible world. With constant investment in the newest tools, programmes and equipment for our teams, it all adds up to creating the best possible user experience for customers. And a great career for you. Join us. Own the evolution.

We have an exciting opportunity for a Senior Security Operations Analyst to join our re-energised Cyber Defence team! Reporting into the Cyber Defence Security Operations Lead, you will act as a secondary contact and escalation point for the team. You'll manage a team of Security Analysts to oversee the day-to-day operational delivery of services provided by our third party 24x7 Security Operations Centre, and will take ownership of our security presence and identify any gaps by working with various stakeholders across the business.

What else you'll be doing:
* Maintaining security oversight of the technical infrastructure delivered by third party suppliers and raising concerns/issues that pose a security risk to the organisation accordingly. You will also manage any operational risk remediation to conclusion and take ownership within the team.
* Managing development and improvements required for detection engineering and associated technologies.
* Responsible for the operational and threat malware analysis for the group.
* Providing security input and maintaining relationships with the Service Management function in relation to change management, problem management and incident management.
* Responsible for the level 2 / 3 operational Cyber incident response.
* Escalating in a timely manner any incidents and anomalies that are detected within DLG and providing subject matter expertise and guidance for operational challenges.
* Monitoring and responding to emerging threat patterns, vulnerabilities and anomalies and providing escalations of any unknown threats to relevant areas within the company.
* Collating metrics on the status of technical information security controls across the DLG estate, highlighting risk areas and working to develop and manage remediation plans as required.
* Collaborating with all CISO teams to report appropriate operational issues that may be resolved at an architecture level.

Operational On-Call Requirement

This role has a shared, rotational 24/7 on-call requirement and forms part of information security incident response capability. You will act as the single point of contact for all security related response actions and decisions, including management of each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions.

What you'll need:
* Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning.
* Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc.
* Knowledge and experience of enterprise grade technologies including operating systems, databases, and web applications.
* Knowledge and experience of performing network traffic analysis for identifying any developing patterns.
* Ability to assist with knowledge transfer and mentoring/upskilling of junior team members
* Security Analysis for CompTIA CySA+ or similar level of certification

It would be beneficial if you have:
* Experience with any of the following technologies: Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, SIEM.
* Knowledge of reporting suites such as Power BI
* Good understanding of Microsoft security suites and associated qualifications
* Threat identification.
* Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body
* Technical certifications by a recognised professional body in network or systems engineering
* Fundamental Cloud Concepts for AWS.
* OWASP Top 10: API Security Playbook.

Ways of Working

This role is based out of our London Bridge office. Our hybrid model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. When you'll be in the office depends on your role, but most colleagues are in 2 days a week, and we'll consider the flexible working options that work best for you.

Benefits

We wouldn't be where we are today without our people and the wide variety of perspectives and life experiences they bring. That's why we offer excellent benefits to suit your lifestyle and a flexible working model combining the best parts of home and office-working, varying with the nature of your role. Our core benefits include:
* 9% employer contributed pension
* Up to 10% bonus
* 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover
* Additional optional Health and Dental insurance
* EV car scheme which allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax efficient way.
* 25 days annual leave
* Buy as you earn share scheme
* Employee discounts and cashback
* Plus many more!
Apr 16, 2024
Full time
Responsible for the management, support, maintenance, upgrade and development of IT applications within the business. Overseeing system reliability, security and scalability while playing a leading role in identifying technical requirements, driving DevOps practices, and ensuring compliance with regulatory standards. Client Details Leading property developer in London Description Provide 3rd line support for business applications with a primary focus on continual improvement, upgrade, integration and development. Take a lead role in identifying technical requirements in IT projects, providing technical support, maintaining comprehensive documentation of systems architecture, configurations and procedures while ensuring source control aligns with industry best practices Drive continuous value delivery to the business, adapting to changes, fostering collaboration and enhancing communications across teams. Aid in implementing DevOps practices including CI/CD pipelines deployments, leading their integration and staying updated on evolving DevOps trends and technologies. Develop and maintain disaster recovery and resilience plan for all IT applications and databases to ensure seamless continuity in the face of unexpected events. To follow Change Control procedures alongside best practice deployment in line with corporate cyber security standards. Manage relationships with users, key stakeholders and 3rd parties for applications delivery and support, including IT Application contracts renewals. Provide support for database upgrades and public websites including monthly health checks and refresh processes. Analyse data and present insights through reports and also assist with the design and development of complex SQL queries as required by the business. Develop automation scripts using APIs and other tools for continuous integration, deployment and monitoring, in ensuring reliability and efficiency in system operation. 
Implement robust security measures and ensure systems adhere to regulatory compliance standards, participating in regular audits and remediations as necessary. To identify and replace legacy applications where possible, consolidating similar applications across the business. Coach, train and mentor junior members of the team on key skills and knowledge areas. Undertake other duties as requested by Line Management. Profile Bachelor's degree in Computer Science, Engineering or relevant discipline, with a minimum of 5 years of related professional experience. A minimum of 4 years' experience in a development role. Proficient in problem-solving within an operational support environment, adept at triaging tickets and resolving issues to minimise further incidents. Strong analytical skills to identify business requirements and offer effective solutions. Experience with DevOps principles and practices including continuous integration, continuous delivery, automated testing and change control best practices. 4+ years' experience in major programming languages such as ASP.NET, PHP along with substantial experience in major relational databases, preferably MS SQL Server, MySQL. Skilled in writing complex SQL queries, report development and data processing, with exposure to PowerBI. Experience with WordPress, cPanel and WHM. Understanding of HTML, CSS, JavaScript and REST API. Proven expertise and skill in cloud-based technologies, ideally with skills in Azure. Experience with both Windows and Linux/Unix-based operating systems. Ability to work under pressure across diverse projects and deal effectively with ad-hoc tasks. Willingness to quickly embrace new technologies and learn modern development tools. Strong ability to engage with Suppliers and External Consultants. Strong within both a team and individual project environment. Job Offer: competitive salary; hybrid working; generous pension; insurance plans, health care; subsidised gym membership; store discounts; family leave.
Apr 16, 2024
Full time
Global Information Security Operations Manager This is a senior technical lead position that will focus on MLP's security incident response and manage global security operations staff. The role will also include maintenance, monitoring and administration of key information security technologies. The Information Security Team fosters a collaborative environment and is building a best of breed practice to partner with the business to protect the Firm's information and computer systems. The successful candidate must have hands-on technical experience in supporting infrastructure platforms and providing leadership to junior members of the team. The role is suited to individuals with prior experience developing and implementing security procedures and controls as well as management experience in a Security Operations Center (SOC) environment. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority which makes this role very challenging. Principal Responsibilities Responsible for the daily operation of enterprise security systems including SIEM, SOAR, Elastic, ticketing, alerting, and messaging systems. Manage junior level analysts in the daily operation of enterprise security systems including shift rotations and hand-offs. Work closely with Managed Security Providers (MSP) to maintain runbooks, escalation procedures, and consume available threat intelligence. Utilize detective controls to develop rules and alerts to drive security monitoring. Perform hunt activities across our log aggregation and SIEM platforms. Recommend, test, tune and implement SIEM and other tooling correlation rules. Identify false-positives from alerting, and perform incident response, triage, incident analysis and remediation tasks. Recommend and develop new SIEM use cases/rules with engineering teams. Maintain documentation for the SOC function, including training program for new Security Operations personnel. 
Participate in Information Security Incident Response activities for the Firm's environment. Enforce security policies and procedures by administering and monitoring appropriate systems, events and answering client queries. Perform threat and vulnerability management functions including vulnerability scans and/or analyze results of scans and assist with remediation as required. Collaborate with the Information Security Team to consume feeds from a suite of security tools including AV, Advanced Malware Detection, SIEM, IDS, Vulnerability scanners, etc. Ensure MLP enterprise security products are functioning and protecting the environment as expected while providing stability and maintaining policies and procedures. Actively monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to Millennium key business initiatives and business strategies. Provide technical support to IT staff in the detection and resolution of security problems. Develop and maintain documentation of all Security products including specific tools, technologies and processes. Qualifications/Skills Required Experience performing security monitoring and incident response and triage work in a 24/7 environment. Experience with people management in a technical role, preferably in a SOC setting. Experience with ticketing systems and API integration work. Hands-on experience with one of the major SIEM platforms in use i.e Splunk, Q1Radar, etc Excellent understanding of common exploit scenarios and indicators of compromise (IOCs) Log analysis and experience reviewing security events. Ability to manipulate data and produce relevant metrics and reporting around security incidents. Excellent understanding and experience across broad spectrum of technologies - including operating system, cloud, Active Directory, Group Policy, DNS, Messaging. High level understanding of internetworking, data transmission and encryption protocols. 
Experience with vulnerability management scanning platforms. Ability to handle sensitive and/or confidential materials with appropriate discretion. Scripting and development skills (Python, PowerShell, VBScript, REST a plus). Possess a passion for Information Security and Technology. Able to prioritize in a fast moving, high pressure, constantly changing environment; high sense of urgency. Ability to communicate and collaborate across technology teams. Bachelor's degree (Computer Science or Engineering preferred) with strong IT background. Have substantial experience working in a technical role and extensive experience concentrating on information security, financial industry. At least one security certification (CISSP, CEH, GCIA, CISM, etc.).
Apr 16, 2024
Full time
At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement, we're a customer-obsessed market powerhouse. And we all work together to be brilliant for customers, every single day. We're evolving, to be a more digitally-focused data-driven insurance company of the future - and your unique talent, skills and ideas can drive our success. Like us, you thrive on collaboration, exploration and innovation. And like you, we take tech seriously. That's why we're embracing the move to a more digital, flexible world. With constant investment in the newest tools, programmes and equipment for our teams, it all adds up to creating the best possible user experience for customers. And a great career for you. Join us. Own the evolution. We have an exciting opportunity for a Senior Security Operations Analyst to join our re-energised Cyber Defence team! Reporting into the Cyber Defence Security Operations Lead, you will act as a secondary contact and escalation point for the team. You'll manage a team of Security Analysts to oversee the day-to-day operational delivery of services provided by our third party 24x7 Security Operations Centre, and will take ownership of our security presence and identify any gaps by working with various stakeholders across the business. What else you'll be doing: Maintaining security oversight of the technical infrastructure delivered by third party suppliers and raising concerns/issues that pose a security risk to the organisation accordingly. You will also manage any operational risk remediation to conclusion and take ownership within the team. Managing development and improvements required for detection engineering and associated technologies. Responsible for the operational and threat malware analysis for the group.
Providing security input and maintaining relationships with the Service Management function in relation to change management, problem management and incident management. Responsible for the level 2 / 3 operational Cyber incident response. Escalating in a timely manner any incidents and anomalies that are detected within DLG and providing subject matter expertise and guidance for operational challenges. Monitoring and responding to emerging threat patterns, vulnerabilities and anomalies and providing escalations of any unknown threats to relevant areas within the company. Collating metrics on the status of technical information security controls across the DLG estate, highlighting risk areas and working to develop and manage remediation plans as required. Collaborating with all CISO teams to report appropriate operational issues that may be resolved at an architecture level. Operational On-Call Requirement This role has a shared, rotational 24/7 on-call requirement and forms part of information security incident response capability. You will act as the single point of contact for all security related response actions and decisions, including management of each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions. What you'll need: Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning. Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc. Knowledge and experience of enterprise grade technologies including operating systems, databases, and web applications. Knowledge and experience of performing network traffic analysis for identifying any developing patterns.
Ability to assist with knowledge transfer and mentoring/up skilling of junior team members Security Analysis for CompTIA CySA+ or similar level of certification It would be beneficial if you have: Experience with any of the following technologies: Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, SIEM. Knowledge of reporting suites such as Power BI Good understanding of Microsoft security suites and associated qualifications Threat identification. Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body Technical certifications by a recognised professional body in network or systems engineering Fundamental Cloud Concepts for AWS. OWASP Top 10: API Security Playbook. Ways of Working This role is based out of our London Bridge office. Our hybrid model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. When you'll be in the office depends on your role, but most colleagues are in 2 days a week, and we'll consider the flexible working options that work best for you. Read our flexible working approach here Benefits We wouldn't be where we are today without our people and the wide variety of perspectives and life experiences they bring. That's why we offer excellent benefits to suit your lifestyle and a flexible working model combining the best parts of home and office-working, varying with the nature of your role. Our core benefits include: 9% employer contributed pension Up to 10% bonus 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover Additional optional Health and Dental insurance EV car scheme which allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax efficient way. 25 days annual leave Buy as you earn share scheme Employee discounts and cashback Plus many more! Being yourself Difference makes us who we are. 
We believe everyone should feel comfortable to bring their whole selves to work - that's why we champion diverse voices, build workplaces that work for people, and invest in the things that matter. From senior leadership to inclusivity networks, adaptive working to inclusion training, we've made it our mission to give you everything you need to be authentically you. Discover more at Together we're one of a kind.
Apr 16, 2024
Full time
A multinational business based in Maidenhead, Berkshire is looking for an articulate Junior Cyber Security Analyst to join its team. This company embraces flexibility, enabling the chosen candidate to work remotely 4 days per week. In this business-critical role, you will support the Information Security team in implementing and maintaining a robust cybersecurity framework. You will play a crucial role in safeguarding the organisation's information systems, ensuring the confidentiality, integrity, and availability of company data. In order to be suitable for this position, you will have a relevant bachelor's degree in Cybersecurity, Information Technology or a related field. The chosen candidate must have familiarity with the NIST Cybersecurity Framework and have knowledge of networking protocols and systems architecture. Experience with security tools (SIEM, IDS/IPS, antivirus and vulnerability scanners) would be advantageous to your application. Key responsibilities include: Security Monitoring and incident response; Vulnerability Management; Security Awareness Training; Security Policy Compliance; Security Tools Management; Collaboration and Documentation. This is an excellent opportunity for a Junior Cyber Security Analyst to join a highly successful company and work on a range of interesting projects.
Apr 15, 2024
Full time
Are you a software developer driven to make a tangible difference? Does crafting powerful solutions used by the front line appeal to you? We're working with forensic analytics software that empowers government agencies and law enforcement to outsmart criminal activity. Apply and see the real-world impact of your work. What You'll Do: Design, code, and test new features, directly improving the lives of analysts and investigators. Collaborate closely with other teams to solve challenging problems and deliver robust solutions. What You Bring to the Table: Proven skill in C# application development. Strong database skills (MS SQL Server, SQLite, MySQL). Solid understanding of Agile development methodologies. A collaborative spirit and the drive to make a positive impact. What looks good: You love to learn and thrive on finding the best tools for the job. A growth mindset focused on improving yourself, the team, and our software. The Offer: Competitive salary. Wellness perks. Generous annual leave plus your birthday off. Cycle to work scheme, pension contributions, and more. Flexible working to support your best work. This role involves working with sensitive information. Suitable candidates will be expected to undergo security clearance procedures. Intrigued? We want to hear from you: apply, or find me, John Magee, on LinkedIn to find out more.
Apr 15, 2024
Full time
DV Cleared SIEM/Incident SME. Location: Northallerton/Corsham/Portsmouth. Duration: 6 - 12 Months. Rate to SSC: Market Rate. MUST BE PAYE THROUGH UMBRELLA. Role Description: The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities, conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of Junior Analysts, and monitoring networks to actively remediate unauthorised activities. Your role: Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Use the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Maintain a baseline of system security according to latest threat intelligence and evolving trends. Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices. Offer strategic and tactical security guidance including valuation requirement of technical controls. Be part of the CRM process. Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident. Document, validate and create operational processes and procedures to help develop the SOC.
Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. Build, install, configure, and test dedicated cyber defence hardware. Support Junior Analysts to manage SOC systems. Previous experience of Enterprise ICS/network architectures and technologies. Experience and knowledge of SIEM solutions, with the ability to identify use cases and handle their creation, deployment and tuning. Experience as a mentor/coach to Junior Analysts. Your profile: Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks. Skilled in maintaining Microsoft directory services. Skilled in using virtualisation software. Knowledge of key security frameworks (eg ISO, NIST 800-53, 800-171, 800-172, C2M2). Excellent communication skills. Experience of writing Defence/Government documentation. Desirable Qualifications: Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent). SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent). Advanced Analyst Course (SANS SEC503 or equivalent).
Apr 15, 2024
Contractor
Cyber Defence Engineer. Location: Full Time onsite in Hereford. Duration: 6 months. MUST BE PAYE THROUGH UMBRELLA. We are heading up a recruitment drive on behalf of a leading IT consultancy that requires a DV cleared Cyber Defence Engineer to join their team on a major defence project that is based in Hereford. Role Description: The Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates and the professional development of the system engineering team. Tasks: Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration. Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability. Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. Implement data management standards, requirements, and specifications. Develop data standards, policies, and procedures. Analyse data sources to provide actionable recommendations and facilitate data-gathering methods. Share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team. Knowledge: Knowledge of big data technologies and ecosystems (eg, NiFi).
Knowledge of current market and emerging leaders in data analytical and SIEM platforms. Knowledge of network security implementations (eg, host-based IDS, IPS), including their function and placement in a network. Knowledge of intrusion detection systems and signature development. Knowledge of Front End collection systems, including network traffic collection, filtering, and selection. Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. Knowledge of cyber defence and information security policies, procedures and regulations. Knowledge of network security architecture concepts including topology, protocols, components and principles. Skills/Experience: Previous experience of Enterprise ICS/network architectures and technologies. Working with frameworks and technologies that support data-intensive distributed applications. Experience maintaining and administrating data analytical and SIEM platforms. Experience using host and network-based IDS/IPS Experience using packet capture solutions. Skill in developing and deploying signatures. Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach). Desirable Qualifications/Certifications Red Hat System Administration I & II (RH124/RH134). Baseline Cyber Courses eg Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp. Certified engineer in a market leading data analysis/SIEM platform. SANS SEC501 Advanced Security Essentials Enterprise Defender. SANS SEC 511 Continuous Monitoring & Security Operations. SANS SEC555: SIEM with Tactical Analytics
Apr 15, 2024
Contractor
As a SOC Analyst, you will play a pivotal role in our client's cybersecurity operations, monitoring and analysing our clients' network infrastructure to detect and respond to potential security incidents. Leveraging cutting-edge tools and technologies, you will proactively identify threats, investigate security breaches, and implement effective countermeasures to mitigate risks. This role offers an exciting opportunity to work in a fast-paced environment, collaborating with skilled professionals to protect digital assets and uphold the highest standards of security. Key Responsibilities: Monitor security event alerts generated by various detection systems and respond promptly to potential threats. Conduct in-depth analysis of security incidents to determine their scope, impact, and root cause. Coordinate with internal teams and external stakeholders to escalate and remediate security breaches in a timely manner. Develop and maintain comprehensive documentation of security incidents, including incident reports and post-mortem analyses. Stay current with emerging cybersecurity threats, vulnerabilities, and industry best practices to continuously enhance our security posture. Participate in security incident response exercises and drills to test and refine our incident response procedures. Collaborate with cross-functional teams to implement security controls and measures to protect against known and emerging threats. Provide guidance and support to junior SOC analysts, sharing knowledge and best practices to build a strong and cohesive team. Qualifications: Experience in cybersecurity, particularly within a SOC. Solid understanding of network protocols, security architectures, and threat intelligence frameworks. Hands-on experience with SIEM tools, intrusion detection/prevention systems, and endpoint security technologies. Proficiency in scripting languages such as Python or PowerShell for automation and data analysis. 
Strong analytical skills with the ability to methodically investigate and resolve security incidents. Excellent communication skills, with the ability to convey technical information effectively to both technical and non-technical audiences. Relevant industry certifications such as CISSP, GIAC, or CompTIA Security+ are a plus. If you are passionate about cybersecurity and eager to contribute your skills and expertise to a dynamic team, we would love to hear from you!
Apr 15, 2024
Full time
As a Senior Data Scientist, the candidate will work closely with Product and Engineering teams and will play a significant role in the team responsible for building the AI and Analytics capabilities that power the Insurwave platform. The team is self-sufficient and fully responsible for design, development, testing, delivery, and support of the solutions. The candidate will be working across the full ML development lifecycle: data wrangling, model build, model evaluation, model deployment and model monitoring. The candidate will actively participate in these processes and will be leading and making technology and design decisions. The candidate will build solutions aligned with company-wide rules of engagement and standards and will work closely with the Head of Data and AI to improve them when needed. The candidate will support team members' growth and promote an open, learning culture. Responsibilities: Lead and manage complex data science projects from conception to deployment, including defining project scope, timelines, and deliverables. Build high-performing AI/ML models that meet business-defined performance metrics, ensuring scalability, efficiency, and reliability. Develop and deploy production-ready data science code and models using fully automated processes, including Continuous Integration/Continuous Deployment (CI/CD) and testing frameworks. Continuously improve the performance, security, architecture, and maintainability of owned services through iterative development and optimization. Work closely with data analysts, data engineers, data scientists, and other business areas to ensure solutions are aligned with requirements, delivered according to plans, and developed to expected quality and security standards. Work closely with the AI product manager to review model monitoring reports and analyse datasets in order to inform model improvement needs.
Provide technical leadership and mentorship to junior data scientists, fostering a culture of learning, collaboration, and continuous improvement. Ensure the team adheres to defined best practices, standards, and processes, promoting excellence in technical execution and project delivery. Stay current with the latest advancements in data science and machine learning research and propose innovative solutions to address business challenges. Insurwave is where insurance buyers consolidate and visualise their data to understand their risk and make smarter transfer decisions. Our platform offers an integrated insurance management experience, from collecting and consolidating risk data to its distribution to all parties involved, keeping everyone in the insurance value chain connected and up-to-date. In one place, companies buying and selling risk can harness insightful data, view business exposure changes in real-time and automate time-consuming tasks to focus on what they do best.
Apr 15, 2024
Full time
Junior Cyber Security Analyst. Location: London. On-premises. Office Based: Four days a week. Remote Working: One day a week. An exceptional career opportunity is available to work for a nationally recognised museum. The museum has recently invested significantly in advanced systems to detect, prevent and resolve emerging cyber threats. Additionally, the museum must comply with various regulatory frameworks and legislation such as PCI-DSS, GDPR, CAA and Cyber Essentials. The maintenance of these security systems requires dedicated security team resources. This vacancy is a fantastic opportunity for a junior-level cybersecurity enthusiast with practical blue team knowledge/experience to develop more cyber awareness and understanding. Junior Cyber Security Analyst Key Skills: We are eager to connect with aspiring Junior Cyber Security Analysts, Cyber Security Interns, Entry-Level Cyber Security Engineers, Junior IT Security Engineers, and other early-career professionals focusing on cyber and IT security. To excel in this position, you must possess many of the following: - A good understanding of Cyber and IT Security concepts and practices. - Some experience performing Antivirus audits and checks. - Good knowledge or practical experience of blue team activities, including daily monitoring and reporting cyber threats, hazards, or risks. - The ability to patch devices, systems, or networks against vulnerabilities. - Knowledge or experience of one or more of the following: Cyber Essentials, Darktrace, Qualys. - Experience working with any endpoint security tool or software, such as MS Defender, Sophos, ESET, Trellix, Symantec, etc. - Have excellent English communication skills (written and verbal). All applicants must reside in the UK and have the right to work. About the Junior Cyber Security Analyst position: You will be a member of the IT Security Team. 
You will track and report daily cyber threats, hazards, risks, controls, mitigations, and measures to safeguard our client's systems and personnel. You will proactively monitor all output from the various security systems to ensure minimal downtime, and the business will always be protected from cyber threats. You will ensure that all websites, services, servers, and employee devices have installed adequate vulnerability patches. Responsibilities include: - Harnessing the cutting-edge capabilities of Darktrace to detect, prevent, and monitor cyber threats in real-time. - Finding systemic cyber vulnerabilities to make sure security is preserved. - To oversee the patching of critical systems and infrastructure across the entire company, including those platforms maintained by third-party suppliers, in accordance with Cyber Essentials, and to make sure that all devices covered by the programme comply with the standard. - Investigating and researching attack methods to create defences against emerging threats. - Support and adhere to the IT Security Incident Response process as needed. - Assistance with cyber security risk assessments, yearly audits, and ongoing improvement of incident management. Salary and Benefits: Salary: To £30-38,000 Location: London. On-premises. Office Based: Four days a week. Remote Working: One day a week. Holiday: 25 days + Bank Holidays. Rising to 30 days after five years. Museum benefits: - 20% discount in all on-site shops - 25% discount in museum cafes - Free entry to a large number of other museums and galleries. - Enhanced maternity and paternity: Yes Other benefits: - Access to Childcare vouchers. - Access to in-house training programmes and development. For more information on this Junior Cyber Security Analyst position, please get in touch with us to discuss. Our client welcomes everyone. They celebrate difference and encourage everyone to join and be themselves at work.
Apr 15, 2024
Full time
Junior Cyber Security Analyst. Location: Duxford, Cambridgeshire. On-premises. Office Based: Four days a week. Remote Working: One day a week. An exceptional career opportunity is available to work for a globally recognized museum. The museum has recently invested significantly in advanced systems to detect, prevent and resolve emerging cyber threats. Additionally, the museum must comply with various regulatory frameworks and legislation such as PCI-DSS, GDPR, CAA and Cyber Essentials. The maintenance of these security systems requires dedicated security team resources. This vacancy is a fantastic opportunity for a junior-level cybersecurity enthusiast with practical blue team knowledge/experience to develop more cyber awareness and understanding. Junior Cyber Security Analyst Key Skills: We are eager to connect with aspiring Junior Cyber Security Analysts, Cyber Security Interns, Entry-Level Cyber Security Engineers, Junior IT Security Engineers, and other early-career professionals focusing on cyber and IT security. To excel in this position, you must possess many of the following: - A good understanding of Cyber and IT Security concepts and practices. - Some experience performing Antivirus audits and checks. - Good knowledge or practical experience of blue team activities, including daily monitoring and reporting cyber threats, hazards, or risks. - The ability to patch devices, systems, or networks against vulnerabilities. - Knowledge or experience of one or more of the following: Cyber Essentials, Darktrace, Qualys. - Experience working with any endpoint security tool or software, such as MS Defender, Sophos, ESET, Trellix, Symantec, etc. - Have excellent English communication skills (written and verbal). All applicants must reside in the UK and have the right to work. About the Junior Cyber Security Analyst position: You will be a member of the IT Security Team. 
You will track and report daily cyber threats, hazards, risks, controls, mitigations, and measures to safeguard our client's systems and personnel. You will proactively monitor all output from the various security systems to ensure minimal downtime, and the business will always be protected from cyber threats. You will ensure that all websites, services, servers, and employee devices have installed adequate vulnerability patches. Responsibilities include: - Harnessing the cutting-edge capabilities of Darktrace to detect, prevent, and monitor cyber threats in real-time. - Finding systemic cyber vulnerabilities to make sure security is preserved. - To oversee the patching of critical systems and infrastructure across the entire company, including those platforms maintained by third-party suppliers, in accordance with Cyber Essentials, and to make sure that all devices covered by the programme comply with the standard. - Investigating and researching attack methods to create defences against emerging threats. - Support and adhere to the IT Security Incident Response process as needed. - Assistance with cyber security risk assessments, yearly audits, and ongoing improvement of incident management. Salary and Benefits: Salary: To £30-38,000 Location: Duxford, Cambridgeshire. On-premises. Office Based: Four days a week. Remote Working: One day a week. Holiday: 25 days + Bank Holidays. Rising to 30 days after five years. Museum benefits: - 20% discount in all on-site shops - 25% discount in museum cafes - Free entry to a large number of other museums and galleries. - Enhanced maternity and paternity: Yes Other benefits: - Access to Childcare vouchers. - Access to in-house training programmes and development. For more information on this Junior Cyber Security Analyst position, please get in touch with us to discuss. Our client welcomes everyone. They celebrate difference and encourage everyone to join and be themselves at work.
Apr 15, 2024
Full time
Robert Half have partnered exclusively with a growing Technology business based in central Bristol as they look to recruit a Junior IT Security Analyst on a permanent basis. My client is willing to train and invest into the right candidate - this will suit a graduate with an interest in Technology looking to develop their skillset/knowledge in a brilliant business. The focus of the role will be spread across; Managing internal IT security policies Reviewing and updating the IT risk log - covering risk identification, risk likelihood and risk mitigation. Performing security impact assessments of systems, data and operations Experience; Ideally this role would suit a graduate with a high attention to detail and willingness to learn. Good communication skills - this role will require engagement across the business (including senior stakeholders). Interest in IT/Security and willingness to continue personal development in this space. Salary; £25,000 - £30,000 Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to equal opportunity and diversity. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: gb/en/privacy-notice Security alert: scammers are currently targeting jobseekers. Robert Half do not ask candidates for a fee or request candidates to send applications through instant messaging services such as WhatsApp or Telegram. Learn how to protect yourself by visiting our website: gb/en/how-spot-recruitment-scams-and-protect-yourself
Apr 15, 2024
Full time
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extension Northallerton What we're looking for: Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Experience using virtualisation software. Excellent communication skills Experience of writing Defence/Government documentation Responsibilities include: Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
Apr 15, 2024
Full time
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extension Portsmouth What we're looking for: Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Experience using virtualisation software. Excellent communication skills Experience of writing Defence/Government documentation Responsibilities include: Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
Apr 15, 2024
Full time
Cyber Defence Analyst - DV Clearance Required! The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. We offer: Daily Rate - Market rate - flexible 12-Month Contract with Likely Extension Corsham What we're looking for: Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks Skilled in maintaining Microsoft directory services. Experience using virtualisation software. Excellent communication skills Experience of writing Defence/Government documentation Responsibilities include: Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the Enterprise infrastructure. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis. Apply now to discuss this exciting opportunity further.
Apr 15, 2024
Full time