At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement, we're a customer-obsessed market powerhouse. And we all work together to be brilliant for customers, every single day. We're evolving, to be a more digitally-focused, data-driven insurance company of the future - and your unique talent, skills and ideas can drive our success. Like us, you thrive on collaboration, exploration and innovation. And like you, we take tech seriously. That's why we're embracing the move to a more digital, flexible world. With constant investment in the newest tools, programmes and equipment for our teams, it all adds up to creating the best possible user experience for customers. And a great career for you. Join us. Own the evolution.

We have an exciting opportunity for a Senior Security Operations Analyst to join our re-energised Cyber Defence team! Reporting into the Cyber Defence Security Operations Lead, you will act as a secondary contact and escalation point for the team. You'll manage a team of Security Analysts to oversee the day-to-day operational delivery of services provided by our third-party 24x7 Security Operations Centre, and will take ownership of our security presence and identify any gaps by working with various stakeholders across the business.

What else you'll be doing:
- Maintaining security oversight of the technical infrastructure delivered by third-party suppliers and raising concerns/issues that pose a security risk to the organisation accordingly. You will also manage any operational risk remediation to conclusion and take ownership within the team.
- Managing development and improvements required for detection engineering and associated technologies.
- Responsible for the operational and threat malware analysis for the group.
- Providing security input and maintaining relationships with the Service Management function in relation to change management, problem management and incident management.
- Responsible for the level 2/3 operational cyber incident response.
- Escalating in a timely manner any incidents and anomalies that are detected within DLG and providing subject matter expertise and guidance for operational challenges.
- Monitoring and responding to emerging threat patterns, vulnerabilities and anomalies and providing escalations of any unknown threats to relevant areas within the company.
- Collating metrics on the status of technical information security controls across the DLG estate, highlighting risk areas and working to develop and manage remediation plans as required.
- Collaborating with all CISO teams to report appropriate operational issues that may be resolved at an architecture level.

Operational On-Call Requirement
This role has a shared, rotational 24/7 on-call requirement and forms part of the information security incident response capability. You will act as the single point of contact for all security-related response actions and decisions, including management of each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions.

What you'll need:
- Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning.
- Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc.
- Knowledge and experience of enterprise-grade technologies including operating systems, databases, and web applications.
- Knowledge and experience of performing network traffic analysis for identifying any developing patterns.
- Ability to assist with knowledge transfer and mentoring/upskilling of junior team members.
- Security Analysis for CompTIA CySA+ or similar level of certification.

It would be beneficial if you have:
- Experience with any of the following technologies: Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, SIEM.
- Knowledge of reporting suites such as Power BI.
- Good understanding of Microsoft security suites and associated qualifications.
- Threat identification.
- Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body.
- Technical certifications by a recognised professional body in network or systems engineering.
- Fundamental Cloud Concepts for AWS.
- OWASP Top 10: API Security Playbook.

Ways of Working
This role is based out of our London Bridge office. Our hybrid model way of working offers a 'best of both worlds' approach combining the best parts of home and office working, offering flexibility for everyone. When you'll be in the office depends on your role, but most colleagues are in 2 days a week, and we'll consider the flexible working options that work best for you. Read our flexible working approach here.

Benefits
We wouldn't be where we are today without our people and the wide variety of perspectives and life experiences they bring. That's why we offer excellent benefits to suit your lifestyle and a flexible working model combining the best parts of home and office working, varying with the nature of your role. Our core benefits include:
- 9% employer contributed pension
- Up to 10% bonus
- 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover
- Additional optional Health and Dental insurance
- EV car scheme which allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax-efficient way
- 25 days annual leave
- Buy as you earn share scheme
- Employee discounts and cashback
- Plus many more!
Apr 30, 2024
Full time
A Junior IT Support role is now available for a passionate tech enthusiast looking to kick-start their career in the industrial/manufacturing sector. The candidate will have the opportunity to work in a supportive team providing essential technical support across the company.

Client Details
Our client is a well-established player in the industrial/manufacturing industry. With a workforce of over 800 employees, they have carved a niche for themselves with their innovation and quality products. They are recognised for their strong commitment to staff development.

Description
Junior IT Support analyst - Sutton Coldfield
- Provide first-level contact and convey resolutions to user issues
- Properly escalate unresolved queries to the next level of support
- Document knowledge in the form of knowledge base tech notes and articles
- Walk customers through problem-solving processes
- Preserve and grow knowledge of help desk procedures, products and services
- Ensure proper recording, documentation and closure of trouble tickets
- Follow up and update customer status and information
- Support users in the use of computer equipment by providing necessary training and advice

Profile
Junior IT Support analyst - Sutton Coldfield
A successful Junior IT Support analyst should have:
- A degree in Information Technology, Computer Science or a related field
- Knowledge of computer software and hardware: Windows OS / Windows software / networking principles
- Excellent problem-solving and multitasking skills
- Working knowledge of office automation products and computer peripherals, like printers and scanners
- Knowledge of network security practices and anti-virus programs
- Ability to perform remote troubleshooting and provide clear instructions

Job Offer
Junior IT Support analyst - Sutton Coldfield
- A competitive salary in the range of 18,000 - 23,000 per annum
- Standard benefits package
- Opportunity to be part of a supportive team in a well-established company
- Excellent career development opportunities
- Great work culture that values work-life balance

We encourage passionate individuals looking to start or develop a career in the IT sector to apply for this exciting opportunity.
Apr 30, 2024
Full time
Cyber Defence Analyst - DV Clearance Required!

The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities, conducting proactive, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber threats/attacks. This position involves a broad range of skills, including the development and mentoring of junior analysts and monitoring networks to actively remediate unauthorised activities.

We offer:
- Daily Rate - Market rate - flexible
- 12-Month Contract with Likely Extension
- Portsmouth

What we're looking for:
- Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks
- Skilled in maintaining Microsoft directory services
- Experience using virtualisation software
- Excellent communication skills
- Experience of writing Defence/Government documentation

Responsibilities include:
- Develop and integrate security event monitoring and incident management services.
- Respond to security incidents as they occur as part of an incident response team.
- Implement metrics and dashboards to give visibility of the Enterprise infrastructure.
- Produce documentation to ensure the repeatability and standardisation of security operating procedures.
- Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis.

Apply now to discuss this exciting opportunity further. JBRP1_UKTJ
Apr 30, 2024
Full time
Cyber Defence Analyst - DV Clearance Required!

The Cyber Defence Analyst will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities, conducting proactive, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber threats/attacks. This position involves a broad range of skills, including the development and mentoring of junior analysts and monitoring networks to actively remediate unauthorised activities.

We offer:
- Daily Rate - Market rate - flexible
- 12-Month Contract with Likely Extension
- Corsham

What we're looking for:
- Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks
- Skilled in maintaining Microsoft directory services
- Experience using virtualisation software
- Excellent communication skills
- Experience of writing Defence/Government documentation

Responsibilities include:
- Develop and integrate security event monitoring and incident management services.
- Respond to security incidents as they occur as part of an incident response team.
- Implement metrics and dashboards to give visibility of the Enterprise infrastructure.
- Produce documentation to ensure the repeatability and standardisation of security operating procedures.
- Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis.

Apply now to discuss this exciting opportunity further. JBRP1_UKTJ
Apr 30, 2024
Full time
Are you a software developer driven to make a tangible difference? Does crafting powerful solutions used by the front line appeal to you? We're working with forensic analytics software that empowers government agencies and law enforcement to outsmart criminal activity. Apply and see the real-world impact of your work.

What You'll Do
- Design, code, and test new features, directly improving the lives of analysts and investigators.
- Collaborate closely with other teams to solve challenging problems and deliver robust solutions.

What You Bring to the Table
- Proven skill in C# application development.
- Strong database skills (MS SQL Server, SQLite, MySQL).
- Solid understanding of Agile development methodologies.
- A collaborative spirit and the drive to make a positive impact.

What looks good
- You love to learn and thrive on finding the best tools for the job.
- A growth mindset focused on improving yourself, the team, and our software.

The Offer
- Competitive salary.
- Wellness perks.
- Generous annual leave plus your birthday off.
- Cycle to work scheme, pension contributions, and more.
- Flexible working to support your best work.

This role involves working with sensitive information. Suitable candidates will be expected to undergo security clearance procedures.

Intrigued? We want to hear from you: apply, or find me (John Magee) on LinkedIn to find out more.
Apr 30, 2024
Full time
Junior SOC Analyst - Hybrid - 3 days on site - Nottinghamshire

Main Responsibilities:
- Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber attacks / security incidents. This includes the investigation and root cause analysis of potential security incidents.
- Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems, and provide subject matter expertise for technical responses to confirmed cyber security incidents.
- Create and maintain the client's target cyber security architecture.
- Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture.
- Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs.
- Support the annual penetration testing schedule by arranging penetration testing, including tracking and communicating penetration testing results.
- Perform supplementary testing of the client's detection and response controls by procuring, installing, and running penetration testing tooling.
- Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening.
- Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks.
- Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office.

Skills, Knowledge and Experience
- Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP.
- Qualifications such as CISSP and CISM would be advantageous.
- Problem-solving skills, and the ability to come up with new solutions to existing challenges.
- Strengths in key soft skill areas such as relationship management, communication, and presentation of technical security information to a variety of audiences.
- Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis.
- A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk.
- Capable of working independently/without ongoing supervision on projects and day-to-day tasks.

Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation. We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website (url removed).
Apr 30, 2024
Full time
Senior Threat Intelligence Analyst

About Us: We are the tech company with people at heart. At Advania, we believe in empowering people to create sustainable value through the clever use of technology. As one of Microsoft's leading partners in the UK, specialising in Azure, Security, Dynamics 365, and Microsoft 365, we have a proven track record of success in delivering transformational IT services.

Position Overview: As a Senior Cyber Threat Intelligence Analyst, you will be responsible for the day-to-day delivery of Cyber Threat Intelligence to clients spanning multiple industries, as well as leadership and coaching of junior analysts, and ongoing development of our service. This is a hands-on role and requires both a broad technical knowledge of Cyber Security and specific, focused knowledge of CTI tools and processes. Knowledge and/or experience of modern IT systems, particularly Microsoft solutions and network infrastructure, is advantageous.

Responsibilities:
- Proactively research and analyse emerging cyber threats, malware variants, and attacker Tactics, Techniques, and Procedures (TTPs) from various open and closed sources, including threat intelligence feeds, dark web monitoring, and open-source reporting.
- Develop and maintain comprehensive threat intelligence reports and briefings tailored for technical and non-technical audiences, translating complex information into actionable insights for informed decision-making.
- Lead or participate in incident response activities, including investigation, analysis of evidence, and collaboration with other teams such as IT operations and forensics.
- Conduct advanced threat hunting to proactively identify hidden threats within the organisation's network, utilising advanced tools and techniques.
- Participate in vulnerability management activities, collaborating with the vulnerability management team to prioritise and remediate critical vulnerabilities identified through intelligence gathering and risk assessments.
- Contribute to the development and implementation of comprehensive security policies and procedures to strengthen the organisation's overall cyber defence posture.
- Stay up to date with the latest cyber security trends and developments through continuous learning and participation in industry conferences and training programmes.
- Mentor and support junior cyber security analysts within the team.
- Analyse large volumes of complex data from security tools, logs, and incident reports to identify potential threats and assess their risk level.

Professional Experience:
- Demonstrable understanding of the cybersecurity ecosystem and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS).
- Experience in secured cloud architectures (Azure, AWS, or similar) and engineering solutions.
- An understanding of operating systems and their programming interfaces such as UNIX shell and PowerShell.
- Experience with scripting languages (Python, Bash) and familiarity with APIs are beneficial.
- An awareness of cyber security related standards and regulations, for example NIST, CIS, ISO 27001 and PCI DSS.
- Experience leading teams and providing deputy support to management.
- Experience designing a service, reviewing effectiveness of services, procurement, or business project work.

Qualifications:
- One or more of the following industry certifications: SANS301/SANS401/FOR578, CREST CRTIA/CCTIM, Security+, or similar.
- Ideally a BSc or MSc in Cyber Security, preferably including modules on Ethical Hacking, Digital Forensics, Information Security or Threat Intelligence.

Please note you need to be eligible to undergo the Security Clearance process for this position. This means you will need to be a British national with 5 years' residency in the UK.
Our Selection Process: We are committed to ensuring an equitable experience for all candidates, regardless of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law. Please do let us know if you'll need any reasonable adjustments as part of the selection process by highlighting these on your application form.
Apr 30, 2024
Full time
Global Information Security Operations Manager

This is a senior technical lead position that will focus on MLP's security incident response and manage global security operations staff. The role will also include maintenance, monitoring and administration of key information security technologies. The Information Security Team fosters a collaborative environment and is building a best-of-breed practice to partner with the business to protect the Firm's information and computer systems. The successful candidate must have hands-on technical experience in supporting infrastructure platforms and providing leadership to junior members of the team. The role is suited to individuals with prior experience developing and implementing security procedures and controls as well as management experience in a Security Operations Center (SOC) environment. Millennium is a complex and robust technical environment, and securing the Firm from external and internal threats is a top priority, which makes this role very challenging.

Principal Responsibilities
- Responsible for the daily operation of enterprise security systems including SIEM, SOAR, Elastic, ticketing, alerting, and messaging systems.
- Manage junior level analysts in the daily operation of enterprise security systems, including shift rotations and hand-offs.
- Work closely with Managed Security Providers (MSP) to maintain runbooks and escalation procedures, and consume available threat intelligence.
- Utilize detective controls to develop rules and alerts to drive security monitoring.
- Perform hunt activities across our log aggregation and SIEM platforms.
- Recommend, test, tune and implement SIEM and other tooling correlation rules.
- Identify false positives from alerting, and perform incident response, triage, incident analysis and remediation tasks.
- Recommend and develop new SIEM use cases/rules with engineering teams.
- Maintain documentation for the SOC function, including a training program for new Security Operations personnel.
- Participate in Information Security Incident Response activities for the Firm's environment.
- Enforce security policies and procedures by administering and monitoring appropriate systems and events and answering client queries.
- Perform threat and vulnerability management functions, including running vulnerability scans and/or analyzing scan results and assisting with remediation as required.
- Collaborate with the Information Security Team to consume feeds from a suite of security tools including AV, Advanced Malware Detection, SIEM, IDS, vulnerability scanners, etc.
- Ensure MLP enterprise security products are functioning and protecting the environment as expected while providing stability and maintaining policies and procedures.
- Actively monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to Millennium's key business initiatives and business strategies.
- Provide technical support to IT staff in the detection and resolution of security problems.
- Develop and maintain documentation of all security products, including specific tools, technologies and processes.

Qualifications/Skills Required
- Experience performing security monitoring, incident response and triage work in a 24/7 environment.
- Experience with people management in a technical role, preferably in a SOC setting.
- Experience with ticketing systems and API integration work.
- Hands-on experience with one of the major SIEM platforms in use, e.g. Splunk, QRadar, etc.
- Excellent understanding of common exploit scenarios and indicators of compromise (IOCs).
- Log analysis and experience reviewing security events.
- Ability to manipulate data and produce relevant metrics and reporting around security incidents.
- Excellent understanding and experience across a broad spectrum of technologies, including operating systems, cloud, Active Directory, Group Policy, DNS, and messaging.
- High-level understanding of internetworking, data transmission and encryption protocols.
- Experience with vulnerability management scanning platforms.
- Ability to handle sensitive and/or confidential materials with appropriate discretion.
- Scripting and development skills (Python, PowerShell, VBScript; REST a plus).
- Possess a passion for Information Security and Technology.
- Able to prioritize in a fast-moving, high-pressure, constantly changing environment; high sense of urgency.
- Ability to communicate and collaborate across technology teams.
- Bachelor's degree (Computer Science or Engineering preferred) with strong IT background.
- Substantial experience working in a technical role and extensive experience concentrating on information security, preferably in the financial industry.
- At least one security certification (CISSP, CEH, GCIA, CISM, etc.).
Apr 30, 2024
Full time
Senior SOC Analyst

This is a chance for an individual to be in from the ground up at the start of the development of the SOC, playing a leading role in the day-to-day activity of the SOC and in its influence at an operational, technical and strategic level. The role will require SC Security Clearance and therefore candidates must be UK nationals (dual nationality isn't accepted, unfortunately).

£50,000 - £60,000 per annum + remote working
London, Central

What will you be doing? Primarily the role will be concerned with selecting and standing up an appropriate SIEM platform to service our client's needs. Once the tool is embedded and processes are in place to ensure business-as-usual running, the role will then involve leading security monitoring efforts, conducting in-depth investigations, and actively participating in incident response activities.

Duties & Responsibilities:
- Security Monitoring: Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security alerts and escalate incidents as necessary.
- Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices.
- Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection.
- Investigations: Perform in-depth investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures.
- Collaboration: Collaborate with cross-functional teams, including IT, legal, and management, to address security incidents and implement preventive measures. Provide expertise and guidance to other analysts.
- Security Tool Management: Manage and optimise security tools, ensuring they are properly configured and updated to maximise effectiveness. Evaluate new security technologies and recommend enhancements to the security infrastructure.
- Security Awareness: Contribute to security awareness training programmes for employees to promote a culture of cybersecurity vigilance. Provide guidance on security best practices to various teams within the organisation.
- Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Create monthly reporting packs as per contractual requirements. Create and document robust event and incident management processes.

Essential Skills and Experience:
- Analytical mindset with the ability to troubleshoot and solve complex security issues.
- Excellent communication and interpersonal skills for collaborating with diverse teams.
- Leadership qualities to guide junior analysts and drive security initiatives.
- Up-to-date knowledge of cybersecurity trends and threats.
- Full understanding of SIEM systems - IBM QRadar, FortiSIEM, Splunk, Sentinel etc.
- IT Security Management, Policies, Procedures, Standards and Guidelines
- Risk Assessment
- Privacy and Compliance
- Conversant with security best practices (including ISO27001) and relevant security legislation
- Security Operations and Incident Handling
- IT Security Architecture

If you are interested in hearing more, please apply below or ring or send your CV to (see below).
Apr 29, 2024
Full time
As a SOC Analyst, you will play a pivotal role in our client's cybersecurity operations, monitoring and analysing our clients' network infrastructure to detect and respond to potential security incidents. Leveraging cutting-edge tools and technologies, you will proactively identify threats, investigate security breaches, and implement effective countermeasures to mitigate risks. This role offers an exciting opportunity to work in a fast-paced environment, collaborating with skilled professionals to protect digital assets and uphold the highest standards of security.

Key Responsibilities:
- Monitor security event alerts generated by various detection systems and respond promptly to potential threats.
- Conduct in-depth analysis of security incidents to determine their scope, impact, and root cause.
- Coordinate with internal teams and external stakeholders to escalate and remediate security breaches in a timely manner.
- Develop and maintain comprehensive documentation of security incidents, including incident reports and post-mortem analyses.
- Stay current with emerging cybersecurity threats, vulnerabilities, and industry best practices to continuously enhance our security posture.
- Participate in security incident response exercises and drills to test and refine our incident response procedures.
- Collaborate with cross-functional teams to implement security controls and measures to protect against known and emerging threats.
- Provide guidance and support to junior SOC analysts, sharing knowledge and best practices to build a strong and cohesive team.

Qualifications:
- Experience in cybersecurity, particularly within a SOC.
- Solid understanding of network protocols, security architectures, and threat intelligence frameworks.
- Hands-on experience with SIEM tools, intrusion detection/prevention systems, and endpoint security technologies.
- Proficiency in scripting languages such as Python or PowerShell for automation and data analysis.
- Strong analytical skills with the ability to methodically investigate and resolve security incidents.
- Excellent communication skills, with the ability to convey technical information effectively to both technical and non-technical audiences.
- Relevant industry certifications such as CISSP, GIAC, or CompTIA Security+ are a plus.

If you are passionate about cybersecurity and eager to contribute your skills and expertise to a dynamic team, we would love to hear from you!
Apr 29, 2024
Full time
Graduate/Junior Quality Assurance Engineer Analyst required by a growing data security company. Due to continued success and planned expansion, the company are looking to hire a Graduate/Junior Quality Assurance Engineer.

Essential Experience:
- Degree in Network Engineering, Computer Science or similar scientific discipline
- Strong problem-solving skills
- Analytical skills for understanding and breaking down requirements
- MS SQL Server experience/knowledge
- Good knowledge or exposure to PowerShell or other scripting languages
- Excellent attention to detail

Any experience in one or more of the following is not essential but would be advantageous:
- Azure Pipelines
- Linux
- Cloud Platforms
- Database Platforms like PostgreSQL, Oracle etc.

If you are looking for an opportunity of this nature please contact (url removed) or call (phone number removed). Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
Apr 29, 2024
Full time
Junior Cyber Security Analyst.
Location: London. On-premises. Office Based: Four days a week. Remote Working: One day a week.

An exceptional career opportunity is available to work for a nationally recognised museum. The museum has recently invested significantly in advanced systems to detect, prevent and resolve emerging cyber threats. Additionally, the museum must comply with various regulatory frameworks and legislation such as PCI-DSS, GDPR, CAA and Cyber Essentials. The maintenance of these security systems requires dedicated security team resources. This vacancy is a fantastic opportunity for a junior-level cybersecurity enthusiast with practical blue team knowledge/experience to develop more cyber awareness and understanding.

Junior Cyber Security Analyst Key Skills: We are eager to connect with aspiring Junior Cyber Security Analysts, Cyber Security Interns, Entry-Level Cyber Security Engineers, Junior IT Security Engineers, and other early-career professionals focusing on cyber and IT security. To excel in this position, you must possess many of the following:
- A good understanding of Cyber and IT Security concepts and practices.
- Some experience performing Antivirus audits and checks.
- Good knowledge or practical experience of blue team activities, including daily monitoring and reporting of cyber threats, hazards, or risks.
- The ability to patch devices, systems, or networks against vulnerabilities.
- Knowledge or experience of one or more of the following: Cyber Essentials, Darktrace, Qualys.
- Experience working with any endpoint security tool or software, such as MS Defender, Sophos, ESET, Trellix, Symantec, etc.
- Excellent English communication skills (written and verbal).

All applicants must reside in the UK and have the right to work.

About the Junior Cyber Security Analyst position: You will be a member of the IT Security Team. You will track and report daily cyber threats, hazards, risks, controls, mitigations, and measures to safeguard our client's systems and personnel. You will proactively monitor all output from the various security systems to ensure minimal downtime and that the business is always protected from cyber threats. You will ensure that all websites, services, servers, and employee devices have adequate vulnerability patches installed.

Responsibilities include:
- Harnessing the cutting-edge capabilities of Darktrace to detect, prevent, and monitor cyber threats in real time.
- Finding systemic cyber vulnerabilities to make sure security is preserved.
- Overseeing the patching of critical systems and infrastructure across the entire company, including those platforms maintained by third-party suppliers, in accordance with Cyber Essentials, and making sure that all devices covered by the programme comply with the standard.
- Investigating and researching attack methods to create defences against emerging threats.
- Supporting and adhering to the IT Security Incident Response process as needed.
- Assisting with cyber security risk assessments, yearly audits, and ongoing improvement of incident management.

Salary and Benefits:
Salary: To £30-38,000
Location: London. On-premises. Office Based: Four days a week. Remote Working: One day a week.
Holiday: 25 days + Bank Holidays. Rising to 30 days after five years.
Museum benefits:
- 20% discount in all on-site shops
- 25% discount in museum cafes
- Free entry to a large number of other museums and galleries.
- Enhanced maternity and paternity: Yes
Other benefits:
- Access to Childcare vouchers.
- Access to in-house training programmes and development.

For more information on this Junior Cyber Security Analyst position, please get in touch with us to discuss. Our client welcomes everyone. They celebrate difference and encourage everyone to join and be themselves at work.
Apr 29, 2024
Full time
Junior Cyber Security Analyst. Location: Duxford, Cambridgeshire. On-premises. Office Based: Four days a week. Remote Working: One day a week.

An exceptional career opportunity is available to work for a globally recognised museum. The museum has recently invested significantly in advanced systems to detect, prevent and resolve emerging cyber threats. Additionally, the museum must comply with various regulatory frameworks and legislation such as PCI-DSS, GDPR, CAA and Cyber Essentials. The maintenance of these security systems requires dedicated security team resources. This vacancy is a fantastic opportunity for a junior-level cybersecurity enthusiast with practical blue team knowledge/experience to develop more cyber awareness and understanding.

Junior Cyber Security Analyst Key Skills:

We are eager to connect with aspiring Junior Cyber Security Analysts, Cyber Security Interns, Entry-Level Cyber Security Engineers, Junior IT Security Engineers, and other early-career professionals focusing on cyber and IT security. To excel in this position, you must possess many of the following:
- A good understanding of Cyber and IT Security concepts and practices.
- Some experience performing Antivirus audits and checks.
- Good knowledge or practical experience of blue team activities, including daily monitoring and reporting of cyber threats, hazards, or risks.
- The ability to patch devices, systems, or networks against vulnerabilities.
- Knowledge or experience of one or more of the following: Cyber Essentials, Darktrace, Qualys.
- Experience working with any endpoint security tool or software, such as MS Defender, Sophos, ESET, Trellix, Symantec, etc.
- Excellent English communication skills (written and verbal).

All applicants must reside in the UK and have the right to work.

About the Junior Cyber Security Analyst position:

You will be a member of the IT Security Team. You will track and report daily cyber threats, hazards, risks, controls, mitigations, and measures to safeguard our client's systems and personnel. You will proactively monitor all output from the various security systems to ensure minimal downtime and that the business is always protected from cyber threats. You will ensure that all websites, services, servers, and employee devices have adequate vulnerability patches installed.

Responsibilities include:
- Harnessing the cutting-edge capabilities of Darktrace to detect, prevent, and monitor cyber threats in real time.
- Finding systemic cyber vulnerabilities to make sure security is preserved.
- Overseeing the patching of critical systems and infrastructure across the entire company, including those platforms maintained by third-party suppliers, in accordance with Cyber Essentials, and making sure that all devices covered by the programme comply with the standard.
- Investigating and researching attack methods to create defences against emerging threats.
- Supporting and adhering to the IT Security Incident Response process as needed.
- Assisting with cyber security risk assessments, yearly audits, and ongoing improvement of incident management.

Salary and Benefits:
Salary: To £30-38,000
Location: Duxford, Cambridgeshire. On-premises. Office Based: Four days a week. Remote Working: One day a week.
Holiday: 25 days + Bank Holidays. Rising to 30 days after five years.
Museum benefits:
- 20% discount in all on-site shops
- 25% discount in museum cafes
- Free entry to a large number of other museums and galleries.
- Enhanced maternity and paternity: Yes
Other benefits:
- Access to Childcare vouchers.
- Access to in-house training programmes and development.

For more information on this Junior Cyber Security Analyst position, please get in touch with us to discuss. Our client welcomes everyone. They celebrate difference and encourage everyone to join and be themselves at work.
Apr 29, 2024
Full time
At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement, we're a customer-obsessed market powerhouse. And we all work together to be brilliant for customers, every single day. We're evolving, to be a more digitally-focused, data-driven insurance company of the future - and your unique talent, skills and ideas can drive our success. Like us, you thrive on collaboration, exploration and innovation. And like you, we take tech seriously. That's why we're embracing the move to a more digital, flexible world. With constant investment in the newest tools, programmes and equipment for our teams, it all adds up to creating the best possible user experience for customers. And a great career for you. Join us. Own the evolution.

We have an exciting opportunity for a Senior Security Operations Analyst to join our re-energised Cyber Defence team! Reporting into the Cyber Defence Security Operations Lead, you will act as a secondary contact and escalation point for the team. You'll manage a team of Security Analysts to oversee the day-to-day operational delivery of services provided by our third-party 24x7 Security Operations Centre, and will take ownership of our security presence and identify any gaps by working with various stakeholders across the business.

What else you'll be doing:
- Maintaining security oversight of the technical infrastructure delivered by third-party suppliers and raising concerns/issues that pose a security risk to the organisation accordingly. You will also manage any operational risk remediation to conclusion and take ownership within the team.
- Managing development and improvements required for detection engineering and associated technologies.
- Responsible for the operational and threat malware analysis for the group.
- Providing security input and maintaining relationships with the Service Management function in relation to change management, problem management and incident management.
- Responsible for the level 2 / 3 operational Cyber incident response.
- Escalating in a timely manner any incidents and anomalies that are detected within DLG and providing subject matter expertise and guidance for operational challenges.
- Monitoring and responding to emerging threat patterns, vulnerabilities and anomalies and providing escalations of any unknown threats to relevant areas within the company.
- Collating metrics on the status of technical information security controls across the DLG estate, highlighting risk areas and working to develop and manage remediation plans as required.
- Collaborating with all CISO teams to report appropriate operational issues that may be resolved at an architecture level.

Operational On-Call Requirement
This role has a shared, rotational 24/7 on-call requirement and forms part of the information security incident response capability. You will act as the single point of contact for all security-related response actions and decisions, including management of each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions.

What you'll need:
- Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning.
- Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc.
- Knowledge and experience of enterprise-grade technologies including operating systems, databases, and web applications.
- Knowledge and experience of performing network traffic analysis for identifying any developing patterns.
- Ability to assist with knowledge transfer and mentoring/upskilling of junior team members.
- Security Analysis for CompTIA CySA+ or similar level of certification.

It would be beneficial if you have:
- Experience with any of the following technologies: Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, SIEM.
- Knowledge of reporting suites such as Power BI.
- Good understanding of Microsoft security suites and associated qualifications.
- Threat identification.
- Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body.
- Technical certifications by a recognised professional body in network or systems engineering.
- Fundamental Cloud Concepts for AWS.
- OWASP Top 10: API Security Playbook.

Ways of Working
This role is based out of our London Bridge office. Our hybrid model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. When you'll be in the office depends on your role, but most colleagues are in 2 days a week, and we'll consider the flexible working options that work best for you. Read our flexible working approach here

Benefits
We wouldn't be where we are today without our people and the wide variety of perspectives and life experiences they bring. That's why we offer excellent benefits to suit your lifestyle and a flexible working model combining the best parts of home and office-working, varying with the nature of your role. Our core benefits include:
- 9% employer contributed pension
- Up to 10% bonus
- 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover
- Additional optional Health and Dental insurance
- EV car scheme which allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax-efficient way.
- 25 days annual leave
- Buy as you earn share scheme
- Employee discounts and cashback
- Plus many more!

Being yourself
Difference makes us who we are. We believe everyone should feel comfortable to bring their whole selves to work - that's why we champion diverse voices, build workplaces that work for people, and invest in the things that matter. From senior leadership to inclusivity networks, adaptive working to inclusion training, we've made it our mission to give you everything you need to be authentically you. Discover more at Together we're one of a kind.
Apr 29, 2024
Full time
Junior SOC Analyst - Hybrid - 3 days on site - Nottinghamshire

Main Responsibilities:
- Triage, analyse and investigate alerts, log data and network traffic using security tools to identify cyber-attacks / security incidents. This includes the investigation and root cause analysis of potential security incidents.
- Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems, and provide subject matter expertise for technical responses to confirmed cyber security incidents.
- Create and maintain the client's target cyber security architecture.
- Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture.
- Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs.
- Support the annual penetration testing schedule by arranging penetration testing, including tracking and communicating penetration testing results.
- Perform supplementary testing of the client's detection and response controls by procuring, installing, and running penetration testing tooling.
- Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening.
- Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks.
- Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office.

Skills, Knowledge and Experience
- Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP.
- Qualifications such as CISSP and CISM would be advantageous.
- Problem-solving skills, and the ability to come up with new solutions to existing challenges.
- Strengths in key 'soft skill' areas such as relationship management, communication, and presentation of technical security information to a variety of audiences.
- Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis.
- A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk.
- Capable of working independently/without ongoing supervision on projects and day-to-day tasks.

Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation. We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website.
Apr 28, 2024
Full time
As a Senior Data Scientist, the candidate will work closely with Product and Engineering teams and will play a significant role in the team responsible for building the AI and Analytics capabilities that power the Insurwave platform. The team is self-sufficient and fully responsible for design, development, testing, delivery, and support of the solutions. The candidate will be working across the full ML development lifecycle: data wrangling, model build, model evaluation, model deployment and model monitoring. The candidate will actively participate in these processes and will be leading and making technology and design decisions. The candidate will build solutions aligned with company-wide rules of engagement and standards and will work closely with the Head of Data and AI to improve them when needed. The candidate will support team members' growth and promote an open, learning culture.

Responsibilities
- Lead and manage complex data science projects from conception to deployment, including defining project scope, timelines, and deliverables.
- Build high-performing AI/ML models that meet business-defined performance metrics, ensuring scalability, efficiency, and reliability.
- Develop and deploy production-ready data science code and models using fully automated processes, including Continuous Integration/Continuous Deployment (CI/CD) and testing frameworks.
- Continuously improve the performance, security, architecture, and maintainability of owned services through iterative development and optimization.
- Work closely with data analysts, data engineers, data scientists, and other business areas to ensure solutions are aligned with requirements, delivered according to plans, and developed to expected quality and security standards.
- Work closely with the AI product manager to review model monitoring reports and analyse datasets in order to inform model improvement needs.
- Provide technical leadership and mentorship to junior data scientists, fostering a culture of learning, collaboration, and continuous improvement.
- Ensure the team adheres to defined best practices, standards, and processes, promoting excellence in technical execution and project delivery.
- Stay current with the latest advancements in data science and machine learning research and propose innovative solutions to address business challenges.

Insurwave is where insurance buyers consolidate and visualise their data to understand their risk and make smarter transfer decisions. Our platform offers an integrated insurance management experience, from collecting and consolidating risk data to its distribution to all parties involved, keeping everyone in the insurance value chain connected and up-to-date. In one place, companies buying and selling risk can harness insightful data, view business exposure changes in real time and automate time-consuming tasks to focus on what they do best.

We are looking forward to hearing from you! Thank you for your interest in Insurwave. Please fill out the following short form. Should you have difficulties with the upload of your data, please send an email to Please add all mandatory information with a to send your application.
Apr 28, 2024
Full time
Cyber Defence Engineer - DV Clearance Required!
The Cyber Defence Engineer will join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities, conducting pro-active, risk-based protective monitoring of priority C4IS/networks to identify internal and external cyber threats and attacks. The position calls for a broad range of skills, including the development and mentoring of junior analysts and monitoring networks to actively remediate unauthorised activity.
We offer: Daily rate - market rate, flexible. 12-month contract with likely extensions. Northallerton (4 days on site).
What we're looking for: Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks. Skilled in maintaining Microsoft directory services. Experience using virtualisation software. Excellent communication skills. Experience of writing Defence/Government documentation. Someone hands-on.
Responsibilities include: Develop and integrate security event monitoring and incident management services. Respond to security incidents as they occur as part of an incident response team. Implement metrics and dashboards to give visibility of the enterprise infrastructure. Produce documentation to ensure the repeatability and standardisation of security operating procedures. Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis.
Apply now to discuss this exciting opportunity further.
Apr 26, 2024
Contractor
Crisis24, a GardaWorld company, is widely regarded as the leading integrated risk management, crisis response, consulting, and global protective solutions firm, serving the world's most influential people, disruptive brands, and prominent organizations. Championed by our advanced Global Operation Centers and our skilled team of intelligence analysts, we offer highly specialized services, security and consulting, with the technology and AI to power it all across the globe. At Crisis24, we go beyond mere employment; we pave the way to a realm where your skills become instrumental in shaping global security, guiding clients through a multifaceted and challenging landscape. Your journey with us will be deeply fulfilling, driven by a powerful sense of purpose and accomplishment. Within our thriving environment, you'll discover abundant chances for both personal and career advancement. Seize this moment to push your limits, broaden your expertise, and elevate your professional journey to unprecedented levels. Join the Crisis24 team today and be a part of something extraordinary where growth and impact converge.
Crisis24's Crisis & Security Consulting (CSC) division, specifically the All-Hazards Response team, is on the lookout for a Senior Consultant. This role is ideally suited for candidates based in the UK or in mainland Europe. As a part of our dynamic and agile Response Group, the successful applicant will have the chance to enhance their skill set and knowledge, enabling them to contribute across various teams within the organization. Candidates should possess comprehensive experience in crisis management at both tactical and strategic levels and have a wide-ranging understanding of different industries. The position involves readiness to deploy globally at short notice, often in challenging situations, requiring confidence and the ability to provide immediate support and guidance to high-level / C-Suite stakeholders.
What You Will Work On
Summary
You will deliver All Hazards Response services, providing expert advice and guidance to clients facing crises, from threats and violence to political and cyber-related issues. This role entails global deployment, often without prior notice, creating documentation in line with CSC's methodologies, conducting sensitive investigations, and potentially training as a subject matter expert, for example as a crisis communications consultant. You will also support the development of junior team members and collaborate with the global consulting team on service delivery, maintaining accurate records across platforms such as Salesforce.
Specifics
Provide advice and guidance to clients in response to case activations on the following peril types: Active Assailant / Workplace Violence; Political Violence & Terrorism; Cyber Extortion; and any other crisis-level event in which All-Hazards Response is engaged. Deployment globally in support of any new case activation, often with no notice. Produce all relevant documentation in support of assigned response cases, in line with CSC's doctrine and methodology. Coordinate and conduct sensitive investigational support to clients. Train as a Crisis Communications consultant. Support the development of more junior team members and work in cooperation with the wider global consulting team on all other aspects of consulting services delivery. Keep Salesforce and any other platforms used by Crisis24 up to date and accurate in relation to relevant accounts and proposals. Obtain the skill set and knowledge to actively respond as a Special Risks Response Consultant when required.
Support to Insurance Partners
Deliver onboarding briefings to new policy holders. Provide capability briefings in support of marketing the wider insurance policies. Assist in the delivery of update reports to insurance underwriters during ongoing cases. Generation of new response retainers, providing services to insurance partners or private clients. Direct engagement contracts for new response cases when insurance options are not present. Assist wider CSC team members in any business development briefings and activity when required. Support the implementation of a business development plan for the region. Scope, price, manage and/or oversee the development of client proposals and responses to RFPs. Represent CSC, Crisis24 and GardaWorld in client pitches/senior-level presentations/in-person meetings.
Duty officer
Following training, there may be a requirement to join the Duty Officer roster for All-Hazards Response activations.
Account management
Client liaison and account/client relationship management of new and existing consulting clients.
Other
Support the wider Crisis24 and GardaWorld business as required.
Who You Will Work With
Under the guidance of the Associate Director for All Hazards Response, you will collaborate on a variety of response cases and projects. These initiatives are diverse in terms of geography, industry, and complexity, necessitating effective management of pressures. You will be an integral part of both the Response Group and the wider CSC team, frequently assisting other teams within Crisis24 and GardaWorld. Owing to the sensitive nature of the case activity, All Hazards personnel are often visible to the highest levels of leadership within Crisis24 and GardaWorld.
What You Will Bring
Summary
Candidates should have at least 10 years of experience in Crisis Management, preferably within a corporate or consulting environment, and a solid background in Security Risk and Crisis Management. You should be knowledgeable about crisis response processes and the specialist insurance market, and have a track record of developing new business opportunities. The role demands extensive global travel, often to high-risk areas, and requires strong analytical, problem-solving, and communication skills. Candidates must be adaptable, motivated to work irregular hours, and committed to continuous professional development.
Specifics
10+ years of experience in Crisis Management, preferably in a corporate and/or consulting setting. Strong working knowledge of Security Risk and Crisis Management. In-depth knowledge and experience of crisis response processes. An understanding of specialist insurance markets. Demonstrable commercial experience developing new business opportunities. Extensive travel experience globally, including in high-threat/hostile environments. Strong analytical and problem-solving skills; a creative thinker who can apply initiative and create solutions to solve clients' problems. Ability to manage multiple cases simultaneously with strong attention to detail. Personable and able to communicate effectively at all levels with team members and clients, with the gravitas to influence at a very senior level, including verbal communication and presentation skills. Able to relate well to others with confidence and empathy, build trust and be calm and resourceful during difficult and emotive situations. The flexibility and motivation to work irregular hours and maintain quality delivery. Invested in development; maintains a high level of industry knowledge and awareness of geopolitical and security/crisis management issues and trends.
The annual leave year runs from 1 January to 31 December. Your paid annual leave entitlement will be 25 days per annum (pro rata for part-time hours). Group Life Insurance effective upon commencement of employment. Death in Service pays out at 4x base salary. Employee Assistance Program effective upon commencement of employment. Full details will be provided after joining the company. A Discretionary Bonus Scheme, effective in the year following your employment, and based on company performance in the previous fiscal year. Group Pension Scheme, to which you will be automatically enrolled from the beginning of the third month following your start date: we will match your contributions up to 5%. The minimum contribution you can make to the scheme is 4%. You will be entitled to opt out should you wish.
Information Security
Protect the data and systems of Crisis24 and its stakeholders by adhering to policies, reporting incidents and potential problems, completing regular training, and identifying opportunities for improvement.
Crisis24, A GardaWorld Company, is dedicated to equal opportunity in employment. We are committed to a work environment that celebrates diversity. We do not discriminate against any individual based on race, color, sex, national origin, age, religion, marital or parental status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any factors protected by applicable laws.
Apr 26, 2024
Full time
Cyber Defence Engineer (DV Cleared)
Location: Hereford. Duration: 6 months + extensions. Rate: Very good day rate.
Role Description: The Cyber Defence Engineer will join a growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SOC's technology stack (hardware and software). The engineer will also assist with the continued development and maintenance of data pipelines and signature updates, and with the professional development of the system engineering team.
Skills/Experience: Previous experience of enterprise ICS/network architectures and technologies. Working with frameworks and technologies that support data-intensive distributed applications. Experience maintaining and administering data analytics and SIEM platforms. Experience using host- and network-based IDS/IPS. Experience using packet capture solutions. Skill in developing and deploying signatures. Skill in applying cybersecurity and privacy principles to organisational requirements (confidentiality, integrity, availability, authentication, non-repudiation). Ability to provide technical and service leadership to junior SOC engineers (mentor/coach).
Tasks: Perform system administration on specific cyber defence applications and systems, including installation, configuration, maintenance, troubleshooting, backup and restoration. Manage system/server resources including performance, capacity, availability, serviceability, and recoverability. Diagnose and resolve customer-reported system incidents, problems, and events to ensure continuing operability. Coordinate with SOC and CTI analysts to assist in the development of signatures that can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave. Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources. Implement data management standards, requirements, and specifications. Develop data standards, policies, and procedures.
Apply now to discuss further.
Apr 26, 2024
Full time
Malware Reverse Engineer
Location: Remote working - office based in Reading. Salary: Competitive salary and benefits. Career Level: Specialist, Associate Manager or Manager.
About Accenture Cyber Threat Intelligence (ACTI)
ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing the industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain.
Who You Are
You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence.
Role Description
As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware, evaluating sophisticated malicious code to determine its capabilities and purpose. Analysis includes the use of specialized systems and tools, including disassemblers, debuggers, hex editors, unpackers, virtual machines, and network traffic analysis tools.
Key Responsibilities
Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting. Incorporate analysis results into detailed reporting covering the purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events. Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to identify feature additions or configuration structure changes. Improve existing tools that extract known malware family configurations based on reverse engineering results. Research the latest malware detection evasion techniques, such as the use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on that research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes. Provide customer support by responding to requests for suspicious file analysis, which sometimes require malware reverse engineering and determination of the contextual information surrounding indicators of compromise, delivering detailed analysis reports and mitigation recommendations. Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions that clients use as operational guidance to inform their strategies.
Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems' self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that in turn load decoders designed for extracting malware configurations. Design, develop, and implement generic unpackers that defeat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically. Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations. Develop decoders to extract malware configurations, including basic C2 settings or secondary dynamic configurations such as those outlining targeted institutions and web injects, based on reverse engineering results. Provide junior engineers with technical training, including training on malware analysis; reverse engineering; Windows internals; and the development, identification, unpacking, and de-obfuscation of malicious code. Travel occasionally, as this position may require doing so to address client needs, improve results, or otherwise support projects.
Basic Qualifications
Bachelor's Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience. Experience with malware analysis, reverse engineering, and development. Ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML. Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques. Understanding of operating system internals and the Windows API. Experience with debuggers, decompilers, and network traffic analysis tools. Development experience in Assembly, Python, C, or C++. Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA).
Required Skills
Ability to analyze and unpack obfuscated code. Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement. Strong problem-solving and critical-thinking capabilities.
Desired Skills
Two or more years of experience in malware analysis, reverse engineering, and development fields. Deep understanding of operating system internals and the Windows API. Ability to work with a high degree of independence. Ability to collaborate in a team environment to focus on a common goal.
What's in it for you
At Accenture, in addition to a competitive basic salary, you will also have an extensive benefits package which includes 25 days' vacation per year, gym subsidy, private medical insurance and 3 extra days' leave per year for charitable work of your choice!
About Accenture
Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at
Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law.
Closing Date for Applications: 30/10/2022. Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
Sep 24, 2022
Full time
Malware Reverse Engineer
Location: Remote working - Office based in Reading
Salary: Competitive Salary and Benefits
Career Level: Specialist, Associate Manager or Manager

About Accenture Cyber Threat Intelligence (ACTI)
ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing the industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain.

Who You Are
You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence.

Role Description
As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze sophisticated malicious code to determine its capabilities and purpose. Analysis includes the use of specialized systems and tools, including disassemblers, debuggers, hex editors, unpackers, virtual machines, and network traffic analysis tools.
Key Responsibilities
Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads.
Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting.
Incorporate analysis results into detailed reporting covering the purpose, behavior, C2 server infrastructure, and mitigation techniques for analyzed malware families, malicious campaigns, and events.
Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans (RATs).
Reverse engineer newly discovered malware variants to identify added features or changes to configuration structures.
Improve existing tools that extract known malware family configurations, based on reverse engineering results.
Research the latest detection evasion techniques, such as customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypasses, and anti-virus (AV) bypasses.
Based on that research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes.
Provide customer support by responding to suspicious file analysis requests, which sometimes require malware reverse engineering and determination of the context surrounding indicators of compromise (IOCs), delivering detailed analysis reports and mitigation recommendations.
Provide customer support by responding to cybersecurity requests, including open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and event attribution.
Answer specific client questions whose answers inform clients' operational guidance and strategies.
Design, develop, and implement Windows kernel modules to support automated malware analysis, including kernel system service filtering modules that intercept operating system services on 32-bit and 64-bit Windows without triggering the operating system's self-protection mechanisms (such as Kernel Patch Protection, also known as PatchGuard, on 64-bit Windows), and kernel-mode modules that force designated processes to load specific modules, which in turn load decoders for extracting malware configurations.
Design, develop, and implement generic unpackers that defeat widely used malware packing methods to retrieve malicious payloads from packed samples automatically.
Create detection rules and signatures for malware families, and provide detection or blocking recommendations.
Develop decoders that extract malware configurations, including basic C2 settings and secondary dynamic configurations such as those listing targeted institutions and web injects, based on reverse engineering results.
Provide junior engineers with technical training, including malware analysis, reverse engineering, Windows internals, and the development, identification, unpacking, and de-obfuscation of malicious code.
Travel occasionally, as the position may require, to address client needs, improve results, or otherwise support projects.

Basic Qualifications
Bachelor's Degree in Computer Forensics, Computer Science, Engineering, Information Systems, or another related security field, or comparable experience.
Experience with malware analysis, reverse engineering, and development.
Ability to write, understand, and/or analyze code in programming and scripting languages, including x86/x64 Assembly, C, C++, Python, JavaScript, Java, PHP, and HTML.
Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques.
Understanding of operating system internals and the Windows API.
Experience with debuggers, decompilers, and network traffic analysis tools.
Development experience in Assembly, Python, C, or C++.
Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, MITRE ATT&CK, etc.).
Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA rules).

Required Skills
Ability to analyze and unpack obfuscated code.
Strong written and verbal skills; able to communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement.
Strong problem solving and critical thinking capabilities.

Desired Skills
Two or more years of experience in malware analysis, reverse engineering, and development.
Deep understanding of operating system internals and the Windows API.
Ability to work with a high degree of independence.
Ability to collaborate in a team environment to focus on a common goal.

What's in it for you
At Accenture, in addition to a competitive basic salary, you will also have an extensive benefits package which includes 25 days' vacation per year, gym subsidy, private medical insurance and 3 extra days' leave per year for charitable work of your choice!

About Accenture
Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries, powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises.
Visit us at
Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law.
Closing Date for Applications: 30/10/2022. Accenture reserves the right to close the role prior to this date should a suitable applicant be found.