Head of Cyber and Information Security This position will be a hybrid role based out of London. Description Purpose of Role: The Head of Cyber & Information Security forms part of the senior leadership team within the Security function reporting directly to the Chief Security Officer (CSO) You will act as a trusted advisor to the CSO and C-Suite stakeholders across the UK and work with them to ensure the business is secure and compliant with the policies, standards and regulations set out in the Security Operating Model This is a highly operational and highly visible leadership role, as you will take overall charge of the UK's Cyber Defence and Security Operations teams. You will also have overall responsibility for Security Governance, Risk & Compliance and lead the Business Continuity and Crisis Management teams, working across the whole of the business to ensure we are resilient and prepared should business interruption occur. Team Description: We work in a heavily regulated environment and must secure one of the most visited websites in the UK, a very large retail channel and numerous back-office systems spread across both on premise datacenters and the Cloud. The Security function is comprised of 3 Team Groups Enterprise Security Security Architecture Security Design Engineering Security Consultancy Security Testing Cyber & Information Security Governance, Risk & Compliance Cyber Defence Security Operations Protective Security Physical Security Investigations Intelligence The Cyber & Information Security team form a key pillar in our security operating model - you will be responsible for leading the activities of the Cyber and Information security team, and you will be expected to get deeply involved in ensuring our key suppliers operate to the same high security standards we demand of ourselves. Key Accountabilities or Duties: Manage, develop & Lead the Cyber & Information Security teams Be a member of the Security SLT Identify, measure, control and report on security risks within information systems Accountable for the creation and upkeep of our documented security standards, policies, processes Manage the budget of the Cyber & Information Security Cost Centre Co-create the security strategy Manage operational teams that protect, defend and respond to threats Anticipate, influence and assist the organization to assess and rapidly adjust to changing threat conditions and trends both internally and externally Establish and maintain relationships with industry peers, other Group operating companies and external security organisations, working with Specialist consultants where appropriate Implement KPIs and metrics to measure our security performance and assess and track our exposure to risk Accountable for continuous improvement / maturity of our Cyber Defence team and ensuring our capabilities are operating at optimal levels to both identify threats and maintain effectiveness of the SOC Overall Accountability for overall leadership of the 24/7 SOC and the efficient response to Cyber attacks. Overall Accountability for Business Continuity and Crisis Management the UK Overall Accountability for ensuring we maintain or achieve certification to ISO22301/2700/27701/27002/PCI DSS/ WLA SCS2020 / NCSC CAF As part of the senior nature of this role, you'll be required to be available outside of normal office hours Skills & Experience: The successful individual will be one of the most important Information Security professional across the global organisation and will advise the most senior of our employees on Security Operations. As well as having the experience and influence to operate in this manner, you will have: At least five years' experience gained in a technically focussed security role Demonstrable experience of successful delivery in a technically focussed role Ability to articulate complex technical or sensitive issues to a wide audience is essential Experience of managing internet threats and risk mitigation Strong understanding of external and internal threat landscapes Broad experience of a wide range of security technologies and products Understanding of information security governance principles Ability to demonstrate an understanding of common security management principles (eg PCI-DSS) Bring the skills, experience and ability to adapt to be able to deliver any desired solution potentially using a wide variety of technologies that will help reduce security related risks Excellent communication skills Excellent judgement Line management experience Experienced in deploying security technology in a cloud environment. Cyber security incident management experience Desirable: Experience of working with AWS and Azure Working in a regulated environment
Apr 19, 2024
Full time
Head of Cyber and Information Security This position will be a hybrid role based out of London. Description Purpose of Role: The Head of Cyber & Information Security forms part of the senior leadership team within the Security function reporting directly to the Chief Security Officer (CSO) You will act as a trusted advisor to the CSO and C-Suite stakeholders across the UK and work with them to ensure the business is secure and compliant with the policies, standards and regulations set out in the Security Operating Model This is a highly operational and highly visible leadership role, as you will take overall charge of the UK's Cyber Defence and Security Operations teams. You will also have overall responsibility for Security Governance, Risk & Compliance and lead the Business Continuity and Crisis Management teams, working across the whole of the business to ensure we are resilient and prepared should business interruption occur. Team Description: We work in a heavily regulated environment and must secure one of the most visited websites in the UK, a very large retail channel and numerous back-office systems spread across both on premise datacenters and the Cloud. The Security function is comprised of 3 Team Groups Enterprise Security Security Architecture Security Design Engineering Security Consultancy Security Testing Cyber & Information Security Governance, Risk & Compliance Cyber Defence Security Operations Protective Security Physical Security Investigations Intelligence The Cyber & Information Security team form a key pillar in our security operating model - you will be responsible for leading the activities of the Cyber and Information security team, and you will be expected to get deeply involved in ensuring our key suppliers operate to the same high security standards we demand of ourselves. Key Accountabilities or Duties: Manage, develop & Lead the Cyber & Information Security teams Be a member of the Security SLT Identify, measure, control and report on security risks within information systems Accountable for the creation and upkeep of our documented security standards, policies, processes Manage the budget of the Cyber & Information Security Cost Centre Co-create the security strategy Manage operational teams that protect, defend and respond to threats Anticipate, influence and assist the organization to assess and rapidly adjust to changing threat conditions and trends both internally and externally Establish and maintain relationships with industry peers, other Group operating companies and external security organisations, working with Specialist consultants where appropriate Implement KPIs and metrics to measure our security performance and assess and track our exposure to risk Accountable for continuous improvement / maturity of our Cyber Defence team and ensuring our capabilities are operating at optimal levels to both identify threats and maintain effectiveness of the SOC Overall Accountability for overall leadership of the 24/7 SOC and the efficient response to Cyber attacks. Overall Accountability for Business Continuity and Crisis Management the UK Overall Accountability for ensuring we maintain or achieve certification to ISO22301/2700/27701/27002/PCI DSS/ WLA SCS2020 / NCSC CAF As part of the senior nature of this role, you'll be required to be available outside of normal office hours Skills & Experience: The successful individual will be one of the most important Information Security professional across the global organisation and will advise the most senior of our employees on Security Operations. As well as having the experience and influence to operate in this manner, you will have: At least five years' experience gained in a technically focussed security role Demonstrable experience of successful delivery in a technically focussed role Ability to articulate complex technical or sensitive issues to a wide audience is essential Experience of managing internet threats and risk mitigation Strong understanding of external and internal threat landscapes Broad experience of a wide range of security technologies and products Understanding of information security governance principles Ability to demonstrate an understanding of common security management principles (eg PCI-DSS) Bring the skills, experience and ability to adapt to be able to deliver any desired solution potentially using a wide variety of technologies that will help reduce security related risks Excellent communication skills Excellent judgement Line management experience Experienced in deploying security technology in a cloud environment. Cyber security incident management experience Desirable: Experience of working with AWS and Azure Working in a regulated environment
Cyber Security Lead | Liverpool | Competitive £ Your new company Leading provider of insurance and legal services that employ over 1000 people across several sites including Liverpool, Leeds and Glasgow. Your new role My client is seeking a highly skilled and experienced technical Cyber Security Lead to join the existing IT team in Liverpool. The Cyber Security Lead will be responsible for overseeing the technical aspects of the organisations information security program, including the management of an outsourced Security Operations Centre (SOC). You will be responsible for establishing the security strategy for the group and improving security posture while ensuring alignment of technical security measures with business objectives and regulatory requirements. Key Responsibilities: Evaluate new security technologies and solutions to enhance the organization's security posture. Ensure proper configuration and tuning of security tools to maximize effectiveness. Incident Response and forensics - developing and maintaining an incident response plan. Provide leadership and mentorship to junior members of the security team. Promote cross functional collaboration and knowledge sharing across security and IT teams. Maintain security infrastructure, including Firewalls, intrusion detection/prevention systems, SIEM and endpoint security solutions. Setting the overall security strategy for the business. What you'll need to succeed The Ideal candidate will have a strong background in information security and hands on experience with SOC operations. Experience developing and implementing technical aspects of the organization's information security strategy. Experience overseeing day-to-day operations of the outsourced SOC team. Define and enforce SOC processes and procedures to ensure effective incident detection, response, and remediation. Experience Coordinating with internal teams and external stakeholders to address security incidents and vulnerabilities. Experience Conducting regular threat assessments and vulnerability scans to identify potential risks to the organization's infrastructure and data. Experience working in alignment with ISO27001 and Cyber Essentials. Experience Managing and maintaining security infrastructure, including Firewalls, intrusion detection/prevention systems, SIEM, and endpoint security solutions. What you'll get in return You can expect a competitive salary (depending on experience), along with pension, life assurance (4 x salary), healthcare cash plan, 25 days holiday (plus bank holidays) and hybrid working and a range of other flexible benefits. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
Apr 18, 2024
Full time
Cyber Security Lead | Liverpool | Competitive £ Your new company Leading provider of insurance and legal services that employ over 1000 people across several sites including Liverpool, Leeds and Glasgow. Your new role My client is seeking a highly skilled and experienced technical Cyber Security Lead to join the existing IT team in Liverpool. The Cyber Security Lead will be responsible for overseeing the technical aspects of the organisations information security program, including the management of an outsourced Security Operations Centre (SOC). You will be responsible for establishing the security strategy for the group and improving security posture while ensuring alignment of technical security measures with business objectives and regulatory requirements. Key Responsibilities: Evaluate new security technologies and solutions to enhance the organization's security posture. Ensure proper configuration and tuning of security tools to maximize effectiveness. Incident Response and forensics - developing and maintaining an incident response plan. Provide leadership and mentorship to junior members of the security team. Promote cross functional collaboration and knowledge sharing across security and IT teams. Maintain security infrastructure, including Firewalls, intrusion detection/prevention systems, SIEM and endpoint security solutions. Setting the overall security strategy for the business. What you'll need to succeed The Ideal candidate will have a strong background in information security and hands on experience with SOC operations. Experience developing and implementing technical aspects of the organization's information security strategy. Experience overseeing day-to-day operations of the outsourced SOC team. Define and enforce SOC processes and procedures to ensure effective incident detection, response, and remediation. Experience Coordinating with internal teams and external stakeholders to address security incidents and vulnerabilities. Experience Conducting regular threat assessments and vulnerability scans to identify potential risks to the organization's infrastructure and data. Experience working in alignment with ISO27001 and Cyber Essentials. Experience Managing and maintaining security infrastructure, including Firewalls, intrusion detection/prevention systems, SIEM, and endpoint security solutions. What you'll get in return You can expect a competitive salary (depending on experience), along with pension, life assurance (4 x salary), healthcare cash plan, 25 days holiday (plus bank holidays) and hybrid working and a range of other flexible benefits. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
The Cyber Security unit is accountable and responsible for safeguarding our company's critical infrastructure, intellectual property, and customer data against evolving cyber threats, ensuring no interruption to operations. We take a proactive approach to building, deploying, and operating our Cyber capabilities to fortify our defenses, employing innovative and cutting-edge cyber technologies. Our duties span cyber threat management, real-time attack detection and prevention, and swift remediation, integrated with advanced artificial intelligence and machine learning. Additionally, we leverage Cyber DevOps automations to facilitate rapid deployment and threat mitigation, ensuring the resilience of our Operational Technology (OT), IT, and digital infrastructure in the face of emerging challenges. We are responsible for defining and setting the Cyber framework and Security compliance policies across the company, including the development of robust Business continuity plans, disaster recovery, and critical management plans to ensure the resilience of our operations in the face of cyber threats and other emergencies. Key Competencies Technical Significant experience in Cyber Security engineering and delivery with a broad understanding of OT and IT services Subject matter expertise in Cyber Security for protecting IT, OT, and IP networks, including IPSec VPNs, Firewalls, SIEM, IPS/IDS, AV/EDR solutions, LDAP/AD, etc. Expertise in Privileged Access Management and related tools High level of expertise in Vulnerability and Compliance Management; DDOS protection Hands-on experience in Cyber Security engineering and design of cloud solutions (such as AWS, Azure, etc.), including open-source tools, DevOps, and automation capabilities to enhance cyber defense (such as Zabbix, ELK, Grafana, Netbox, Netmiko, Ansible, Alienvault, OpenVas, etc.) Professional-level knowledge in public clouds, such as AWS security services and architectures. Extensive knowledge of Private Clouds and related transferable skills are highly desirable. Non-Technical Ability to collaborate effectively with others to drive forward key security objectives and goals Strong communication skills, including presentation and documentation writing (for both technical and business audiences) An aptitude for autonomous learning as required by business demands Proven track record of problem-solving abilities Assertiveness and the ability to drive through change, complex projects, and transformations Excellent teamwork skills, including the ability to work effectively within a geographically disparate team (nationally and internationally Desirable but not essential: Knowledge of policy frameworks and understanding of policies, procedures, guideline structure, and regulatory landscapes, such as NERC CIP, NIST, NIS2, GDPR, EPCIP, etc. Virtualization technology, including containerization (e.g., Docker, Kubernetes, Linux, etc.) Host-based security products (threat detection, mitigations, end-user detection and response, micro-segmentation, zero trust) Experience working within an ITIL environment or structured platform management, particularly change and incident management Professional certifications, e.g., CISSP, CISM, CCNP, CCIE, AWS Certified Security, etc. Key Accountabilities Technical Design lead for end-to-end cyber capabilities for operational technology (OT) and Information Technology (IT), as per Cyber goals and company's strategy Technical leadership and subject matter expertise in Cyber Security Design security capabilities and tools for new infrastructure & digital deployments, and the existing ones Design and dynamically readjust cyber capabilities based on the cyber threat landscape Support to set, and potentially lead NOC/SOC operational team Lead Cyber incident response, conduct post-incident reviews (PIRs), root-cause-analysis (RCAs), and deploy mitigating solutions. Report on Cyber incidents and manage related action plans Proactive capacity management of the cyber platforms to ensure sufficient capacity is available at any time Design Cyber solutions that are well-integrated with the IT and OT platforms Data design for Cyber logs, reports, and incidents to align with the digitization strategy, intertwined with AI and ML Knowledge and experience of agile and DevOps methodologies Own development and implementation of policies and procedures, including operational cyber defense processes Provide cyber 2nd and 3rd line support as required to maintain service availability during cyber incidents Strategic Work as part of the wider team to drive automation and data mining, as per cyber goals and wider strategy, to support the company's digitization transformation Put in place and drive the cyber roadmap for platform development and threat mitigation, aligned with the unit's cyber vision and strategy Continually develop professional cyber skills and awareness, remaining ahead of cyber attacks Lead on a number of complex technical deliverables ensuring work is completed on time and within budget Work and deliver under general direction within a clear framework of accountability Assume substantial personal responsibilities and autonomy Plan own work, engage stakeholders, and work with teams in the business to deliver on commitments Become a recognized expert in Cyber technologies GCS is acting as an Employment Agency in relation to this vacancy.
Apr 18, 2024
Full time
The Cyber Security unit is accountable and responsible for safeguarding our company's critical infrastructure, intellectual property, and customer data against evolving cyber threats, ensuring no interruption to operations. We take a proactive approach to building, deploying, and operating our Cyber capabilities to fortify our defenses, employing innovative and cutting-edge cyber technologies. Our duties span cyber threat management, real-time attack detection and prevention, and swift remediation, integrated with advanced artificial intelligence and machine learning. Additionally, we leverage Cyber DevOps automations to facilitate rapid deployment and threat mitigation, ensuring the resilience of our Operational Technology (OT), IT, and digital infrastructure in the face of emerging challenges. We are responsible for defining and setting the Cyber framework and Security compliance policies across the company, including the development of robust Business continuity plans, disaster recovery, and critical management plans to ensure the resilience of our operations in the face of cyber threats and other emergencies. Key Competencies Technical Significant experience in Cyber Security engineering and delivery with a broad understanding of OT and IT services Subject matter expertise in Cyber Security for protecting IT, OT, and IP networks, including IPSec VPNs, Firewalls, SIEM, IPS/IDS, AV/EDR solutions, LDAP/AD, etc. Expertise in Privileged Access Management and related tools High level of expertise in Vulnerability and Compliance Management; DDOS protection Hands-on experience in Cyber Security engineering and design of cloud solutions (such as AWS, Azure, etc.), including open-source tools, DevOps, and automation capabilities to enhance cyber defense (such as Zabbix, ELK, Grafana, Netbox, Netmiko, Ansible, Alienvault, OpenVas, etc.) Professional-level knowledge in public clouds, such as AWS security services and architectures. Extensive knowledge of Private Clouds and related transferable skills are highly desirable. Non-Technical Ability to collaborate effectively with others to drive forward key security objectives and goals Strong communication skills, including presentation and documentation writing (for both technical and business audiences) An aptitude for autonomous learning as required by business demands Proven track record of problem-solving abilities Assertiveness and the ability to drive through change, complex projects, and transformations Excellent teamwork skills, including the ability to work effectively within a geographically disparate team (nationally and internationally Desirable but not essential: Knowledge of policy frameworks and understanding of policies, procedures, guideline structure, and regulatory landscapes, such as NERC CIP, NIST, NIS2, GDPR, EPCIP, etc. Virtualization technology, including containerization (e.g., Docker, Kubernetes, Linux, etc.) Host-based security products (threat detection, mitigations, end-user detection and response, micro-segmentation, zero trust) Experience working within an ITIL environment or structured platform management, particularly change and incident management Professional certifications, e.g., CISSP, CISM, CCNP, CCIE, AWS Certified Security, etc. Key Accountabilities Technical Design lead for end-to-end cyber capabilities for operational technology (OT) and Information Technology (IT), as per Cyber goals and company's strategy Technical leadership and subject matter expertise in Cyber Security Design security capabilities and tools for new infrastructure & digital deployments, and the existing ones Design and dynamically readjust cyber capabilities based on the cyber threat landscape Support to set, and potentially lead NOC/SOC operational team Lead Cyber incident response, conduct post-incident reviews (PIRs), root-cause-analysis (RCAs), and deploy mitigating solutions. Report on Cyber incidents and manage related action plans Proactive capacity management of the cyber platforms to ensure sufficient capacity is available at any time Design Cyber solutions that are well-integrated with the IT and OT platforms Data design for Cyber logs, reports, and incidents to align with the digitization strategy, intertwined with AI and ML Knowledge and experience of agile and DevOps methodologies Own development and implementation of policies and procedures, including operational cyber defense processes Provide cyber 2nd and 3rd line support as required to maintain service availability during cyber incidents Strategic Work as part of the wider team to drive automation and data mining, as per cyber goals and wider strategy, to support the company's digitization transformation Put in place and drive the cyber roadmap for platform development and threat mitigation, aligned with the unit's cyber vision and strategy Continually develop professional cyber skills and awareness, remaining ahead of cyber attacks Lead on a number of complex technical deliverables ensuring work is completed on time and within budget Work and deliver under general direction within a clear framework of accountability Assume substantial personal responsibilities and autonomy Plan own work, engage stakeholders, and work with teams in the business to deliver on commitments Become a recognized expert in Cyber technologies GCS is acting as an Employment Agency in relation to this vacancy.
Role Title:Cyber Security Assurance Specialist Key Role Responsibilities Review new business proposals and provide specialist advice on security issues and implications. Set policies, standards and guidelines for how the organisation conducts security operations across the business and ensures alignment. Develop & establish supplier chain security agreements / contracts / questionnaires and manage completion and disengagement. Lead reviews of governance practices with appropriate and sufficient independence from management activity. Develop policies, standards, processes, guidelines for ensuring appropriate security standards are in place and are adhered to. Ensure architectural security principles are applied during project design to reduce risk. Drives adoption and adherence to policy, standards and guidelines. Design, architect and deliver security aspects within projects and provide expert assurance for secure implementation. Lead and support product security activities, including technical reviews and assessments of product security architectures and designs across a diverse range of complex infrastructure, data and application systems. Ensure timely and robust incident management resolution, including major incident response coordination and management. Deputise for the Senior IT Security Manager as and when required. Education, Qualifications & Training Achieved one or more relevant qualification / certification (i.e. CISSP, CISA, CISM Knowledge & Experience Expert knowledge of security data tools, information security controls, security best practice and management strategies. Experience of designing control maturity tests and conducting control maturity assessments. Experience of overseeing and leading remediation of security assessments, technical testing, and vulnerability analysis including Cyber Essentials, Cyber Essentials Plus, and NIST CSF. Experience in incident response and overseeing improvement actions such as development and tuning of security monitoring, alerting, and reporting. Technical knowledge and broad hands-on experience of working with security technologies such as the Microsoft XDR stack, vulnerability management tools (Nessus and Rapid 7), EDR platforms, SIEMs (Splunk / Azure Sentinel), Powershell automation etc. Previous exposure to enterprise networking and infrastructure technologies Role Specific Skills & Behaviours Ability to work supportively and collaboratively with colleagues across Technology & transformation as well as the wider business. Ability to effectively coordinate and manage major incident responses. Ability to work under pressure and maintain customer service ethic. Ability to be creative. Ability to present complex security solutions and situations to those without technical knowledge. Ability to formulate effective and appropriate recommendations based on sound technical knowledge. Ability to confidently challenge deadlines, priorities and suggest alternative ways of achieving targets. Meticulous documentation skills used for service descriptions and in service/asset management tooling and knowledge bases. Excellent written and oral communication skills. Customer focused - always assessing the impact and urgency for customers as the priority. Able to develop the skills and competencies of others. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Apr 18, 2024
Full time
Role Title:Cyber Security Assurance Specialist Key Role Responsibilities Review new business proposals and provide specialist advice on security issues and implications. Set policies, standards and guidelines for how the organisation conducts security operations across the business and ensures alignment. Develop & establish supplier chain security agreements / contracts / questionnaires and manage completion and disengagement. Lead reviews of governance practices with appropriate and sufficient independence from management activity. Develop policies, standards, processes, guidelines for ensuring appropriate security standards are in place and are adhered to. Ensure architectural security principles are applied during project design to reduce risk. Drives adoption and adherence to policy, standards and guidelines. Design, architect and deliver security aspects within projects and provide expert assurance for secure implementation. Lead and support product security activities, including technical reviews and assessments of product security architectures and designs across a diverse range of complex infrastructure, data and application systems. Ensure timely and robust incident management resolution, including major incident response coordination and management. Deputise for the Senior IT Security Manager as and when required. Education, Qualifications & Training Achieved one or more relevant qualification / certification (i.e. CISSP, CISA, CISM Knowledge & Experience Expert knowledge of security data tools, information security controls, security best practice and management strategies. Experience of designing control maturity tests and conducting control maturity assessments. Experience of overseeing and leading remediation of security assessments, technical testing, and vulnerability analysis including Cyber Essentials, Cyber Essentials Plus, and NIST CSF. Experience in incident response and overseeing improvement actions such as development and tuning of security monitoring, alerting, and reporting. Technical knowledge and broad hands-on experience of working with security technologies such as the Microsoft XDR stack, vulnerability management tools (Nessus and Rapid 7), EDR platforms, SIEMs (Splunk / Azure Sentinel), Powershell automation etc. Previous exposure to enterprise networking and infrastructure technologies Role Specific Skills & Behaviours Ability to work supportively and collaboratively with colleagues across Technology & transformation as well as the wider business. Ability to effectively coordinate and manage major incident responses. Ability to work under pressure and maintain customer service ethic. Ability to be creative. Ability to present complex security solutions and situations to those without technical knowledge. Ability to formulate effective and appropriate recommendations based on sound technical knowledge. Ability to confidently challenge deadlines, priorities and suggest alternative ways of achieving targets. Meticulous documentation skills used for service descriptions and in service/asset management tooling and knowledge bases. Excellent written and oral communication skills. Customer focused - always assessing the impact and urgency for customers as the priority. Able to develop the skills and competencies of others. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
IT Graduate - London, South East & North West (UK) - September 2024 About Us Murphy is a leading international, multi-disciplined engineering and construction company founded in 1951 that improves life by delivering world-class infrastructure. Operating in the United Kingdom, Ireland and North America, Murphy provides better engineered solutions to infrastructure sectors including transportation, water, power and natural resources. We also have a number of related businesses - Ground Engineering; Utility Connections; Murphy Plant; Murphy Process Engineering; Pipeline Testing Services; Specialist Welding Services; and Electrical Services. Murphy is a specialist in delivering pipelines, design, structural steel, tunnelling, fabrication, bridges and piling, and has a substantial holding of plant, equipment and facilities. Murphy employs more than 4,000 engineers, professional managers and skilled operatives around the world. Together, we work as 'One Murphy' by directly delivering the people, plant and expertise needed to make projects a success. There's more to Murphy. Murphy Goes Green 36% reduction in carbon emission intensity to date 98% of waste diverted from landfill Introduced cleaner burning Gas-to-Liquid fuel (first construction company in the UK) Installed electric and hybrid car charging points Working towards being Net Zero by 2030 Graduate Programme We have an exciting opportunity to join our leading-edge Graduate programme for Information Technology Graduate - this role is for a person with passion for all elements of IT from customer support, through to back office server and network support, project management & delivery, People and Finance systems support and Cybersecurity. This IT Graduate will play an important role in supporting key areas of the IT department that are undergoing an exciting change to make us more streamline, more strategic and aligned to the Murphy at 75 vision. The role is suitable for someone with an interest in IT, future technology, customer service and project delivery, all to help both support the current Murphy business IT requirements but also to drive us forward in a continually changing and exciting environment. This will involve using a range of industry wide programmes and some bespoke applications; therefore, the candidate will need to be IT proficient as well as being eager to learn new systems and tasks. It is important they are organised, have excellent teamwork and communication skills. Key Responsibilities Since the role will be on rotation around the IT department these will be a mix of responsibilities from these rotations around the following teams; IT Service and Operations, Information Security, Infrastructure, Business Systems, IT Project Management and Data & Analytics. • Provide excellent customer service. • Collaborative working both within the IT department and wider business for items including supporting new service go lives and project delivery, actively supporting IT improvement programmes. • Ensure IT Operations tickets are created for every task undertaken, are appropriately updated, escalated where necessary, completed & closed in line with SLA & Service Desk processes. • Provide support for Site mobilisation, changes and demobilisation. Ensuring the required to setup IT equipment are consistent & to the required standard and delivered according to the set KPI. • Monitor security alerts, logs, and events to identify potential threats or breaches. • Collaborate with incident response teams to mitigate risks and minimize impact. • Identify and prioritize vulnerabilities. • Assess security risks and recommend appropriate controls. • Work with stakeholders to implement risk mitigation strategies. • Assist in remediation efforts to address security gaps. • Assist in developing and implementing security policies, standards, and guidelines. • Educate employees on security best practices. • Provide operational assistance for IT Infrastructure services and all associated applications, hardware, software and security. • Contribute to Information Security processes regarding all business technical infrastructure, ensuring that all infrastructure services are secure built and run in line with agreed best practice and company policies. This includes contributing to the ownership and resolution of any identified risks or incidents identified as part of security escalation processes. • Working closely with the Technical Architect and PMO function - contributing to the ongoing planning, design, implementation, operation, maintenance and improvement of Murphy's technology infrastructure within approved capital and operational expenditure budgets. • Provide technical support and guidance to the IT Commercial and Operations teams in the design and delivery of technical infrastructure for projects through bid and mobilisation phases. Maintaining agreed technical blueprints to standardise project infrastructure delivery. • Assist in delivery of business systems support including D365 and Success Factors including System configuration, Environmental Management and data analysis. • Undertake assigned actions to deliver improvement project across the business systems portfolio working closely with IT Leads, Project managers and key business stakeholders. • Own Small improvement projects and deliver value to the business enhancing business processes and IT capabilities. • Delivery a customer focused service within the boundaries of IT best practices. • Prioritising tasks as appropriate to business needs. • Develop and maintain project plans, setting out key milestones with realistic dates. • Assemble and coordinate project team resource. • Ensure project interdependencies are identified. • Identify, maintain and report on the project opportunity, risk, mitigation, issues and dependencies. • Provide regular progress reporting updates. • Comfortable handling and analysing data, whilst understanding business process and reporting requirements. • Working closely with business reporting stakeholders to understanding reporting and analytical requirements to acquire and present relevant datasets. • Verify the integrity of extracted data. • Implement information security best practices in order to protect the confidentiality, integrity and availability of company data. • Awareness of, and support embedding and applying revised Data Governance and Information Security standards and best practices. • Responsible for ensuring appropriate documentation is produced. • Work closely with the IT Project managers. Graduate Programme The programme will focus on helping you to grow your personal and leadership skills, alongside business and of course, the technical skills you will learn day-to-day on the job. The programme is delivered in a variety of formats throughout the 2 years and will allow you to establish a network of contacts that will help and support you through your first 2 years and beyond. Our line managers are fully supportive of the Graduate Development Programme and will be involved in helping you along the way. In addition to the programme, we offer mentoring and support in every area of work, as well as a structured training programme to enable graduates to work towards achieving Chartership. Graduates may have the opportunity to work on several exciting and progressive projects around the UK during the 2-year period. About you • Have a passion for Murphy's Carbon Net Zero Targets • Ability to work accurately and professionally • Willingness to learn with appropriate instruction • Ability to empathise and communicate with all people, regardless of their background or circumstance • Excellent organisation, communication, and time management skills • Mobility to work on various projects over the 2-year programme throughout the UK • Driven and motivated looking to progress their career in environmental sustainability • Some experience in the construction/civil engineering industry would be advantageous but not necessary • Excellent data analysis skills and interrogation of data Location As a Construction and Civil Engineering company we have projects, big and small, based across the UK and Ireland. There is the opportunity for you to rotate around our IT department. Rotating to different part of IT will enable you to maximise your learning and exposure to your field of study. How will I learn? In short, by grabbing every chance you get. Alongside working on some fascinating, challenging and occasionally jaw-dropping projects, you'll also be part of our Murphy Learning programme, where everyone has ownership of their own training. You decide what skills you want to gain, with support and guidance from your manager. We call it the 70:20:10 principle, and it goes like this: • 70% learning on the job, challenging yourself with new projects and responsibilities • 20% learning through others, training and networking with senior managers, colleagues, and industry leaders • 10% structured learning, choosing training courses that fit your needs and your team's aims Entry Requirements Information Technology degree (or equivalent) Additional Requirements Due to the nature of our work, we may require you to have a full clean driving licence Good time management & organisational skills Computer literate with strong skills in Microsoft Office Applications (Word/Excel/Outlook/PowerPoint) . click apply for full job details
Apr 18, 2024
Full time
IT Graduate - London, South East & North West (UK) - September 2024 About Us Murphy is a leading international, multi-disciplined engineering and construction company founded in 1951 that improves life by delivering world-class infrastructure. Operating in the United Kingdom, Ireland and North America, Murphy provides better engineered solutions to infrastructure sectors including transportation, water, power and natural resources. We also have a number of related businesses - Ground Engineering; Utility Connections; Murphy Plant; Murphy Process Engineering; Pipeline Testing Services; Specialist Welding Services; and Electrical Services. Murphy is a specialist in delivering pipelines, design, structural steel, tunnelling, fabrication, bridges and piling, and has a substantial holding of plant, equipment and facilities. Murphy employs more than 4,000 engineers, professional managers and skilled operatives around the world. Together, we work as 'One Murphy' by directly delivering the people, plant and expertise needed to make projects a success. There's more to Murphy. Murphy Goes Green 36% reduction in carbon emission intensity to date 98% of waste diverted from landfill Introduced cleaner burning Gas-to-Liquid fuel (first construction company in the UK) Installed electric and hybrid car charging points Working towards being Net Zero by 2030 Graduate Programme We have an exciting opportunity to join our leading-edge Graduate programme for Information Technology Graduate - this role is for a person with passion for all elements of IT from customer support, through to back office server and network support, project management & delivery, People and Finance systems support and Cybersecurity. This IT Graduate will play an important role in supporting key areas of the IT department that are undergoing an exciting change to make us more streamline, more strategic and aligned to the Murphy at 75 vision. The role is suitable for someone with an interest in IT, future technology, customer service and project delivery, all to help both support the current Murphy business IT requirements but also to drive us forward in a continually changing and exciting environment. This will involve using a range of industry wide programmes and some bespoke applications; therefore, the candidate will need to be IT proficient as well as being eager to learn new systems and tasks. It is important they are organised, have excellent teamwork and communication skills. Key Responsibilities Since the role will be on rotation around the IT department these will be a mix of responsibilities from these rotations around the following teams; IT Service and Operations, Information Security, Infrastructure, Business Systems, IT Project Management and Data & Analytics. • Provide excellent customer service. • Collaborative working both within the IT department and wider business for items including supporting new service go lives and project delivery, actively supporting IT improvement programmes. • Ensure IT Operations tickets are created for every task undertaken, are appropriately updated, escalated where necessary, completed & closed in line with SLA & Service Desk processes. • Provide support for Site mobilisation, changes and demobilisation. Ensuring the required to setup IT equipment are consistent & to the required standard and delivered according to the set KPI. • Monitor security alerts, logs, and events to identify potential threats or breaches. • Collaborate with incident response teams to mitigate risks and minimize impact. • Identify and prioritize vulnerabilities. • Assess security risks and recommend appropriate controls. • Work with stakeholders to implement risk mitigation strategies. • Assist in remediation efforts to address security gaps. • Assist in developing and implementing security policies, standards, and guidelines. • Educate employees on security best practices. • Provide operational assistance for IT Infrastructure services and all associated applications, hardware, software and security. • Contribute to Information Security processes regarding all business technical infrastructure, ensuring that all infrastructure services are secure built and run in line with agreed best practice and company policies. This includes contributing to the ownership and resolution of any identified risks or incidents identified as part of security escalation processes. • Working closely with the Technical Architect and PMO function - contributing to the ongoing planning, design, implementation, operation, maintenance and improvement of Murphy's technology infrastructure within approved capital and operational expenditure budgets. • Provide technical support and guidance to the IT Commercial and Operations teams in the design and delivery of technical infrastructure for projects through bid and mobilisation phases. Maintaining agreed technical blueprints to standardise project infrastructure delivery. • Assist in delivery of business systems support including D365 and Success Factors including System configuration, Environmental Management and data analysis. • Undertake assigned actions to deliver improvement project across the business systems portfolio working closely with IT Leads, Project managers and key business stakeholders. • Own Small improvement projects and deliver value to the business enhancing business processes and IT capabilities. • Delivery a customer focused service within the boundaries of IT best practices. • Prioritising tasks as appropriate to business needs. • Develop and maintain project plans, setting out key milestones with realistic dates. • Assemble and coordinate project team resource. • Ensure project interdependencies are identified. • Identify, maintain and report on the project opportunity, risk, mitigation, issues and dependencies. • Provide regular progress reporting updates. • Comfortable handling and analysing data, whilst understanding business process and reporting requirements. • Working closely with business reporting stakeholders to understanding reporting and analytical requirements to acquire and present relevant datasets. • Verify the integrity of extracted data. • Implement information security best practices in order to protect the confidentiality, integrity and availability of company data. • Awareness of, and support embedding and applying revised Data Governance and Information Security standards and best practices. • Responsible for ensuring appropriate documentation is produced. • Work closely with the IT Project managers. Graduate Programme The programme will focus on helping you to grow your personal and leadership skills, alongside business and of course, the technical skills you will learn day-to-day on the job. The programme is delivered in a variety of formats throughout the 2 years and will allow you to establish a network of contacts that will help and support you through your first 2 years and beyond. Our line managers are fully supportive of the Graduate Development Programme and will be involved in helping you along the way. In addition to the programme, we offer mentoring and support in every area of work, as well as a structured training programme to enable graduates to work towards achieving Chartership. Graduates may have the opportunity to work on several exciting and progressive projects around the UK during the 2-year period. About you • Have a passion for Murphy's Carbon Net Zero Targets • Ability to work accurately and professionally • Willingness to learn with appropriate instruction • Ability to empathise and communicate with all people, regardless of their background or circumstance • Excellent organisation, communication, and time management skills • Mobility to work on various projects over the 2-year programme throughout the UK • Driven and motivated looking to progress their career in environmental sustainability • Some experience in the construction/civil engineering industry would be advantageous but not necessary • Excellent data analysis skills and interrogation of data Location As a Construction and Civil Engineering company we have projects, big and small, based across the UK and Ireland. There is the opportunity for you to rotate around our IT department. Rotating to different part of IT will enable you to maximise your learning and exposure to your field of study. How will I learn? In short, by grabbing every chance you get. Alongside working on some fascinating, challenging and occasionally jaw-dropping projects, you'll also be part of our Murphy Learning programme, where everyone has ownership of their own training. You decide what skills you want to gain, with support and guidance from your manager. We call it the 70:20:10 principle, and it goes like this: • 70% learning on the job, challenging yourself with new projects and responsibilities • 20% learning through others, training and networking with senior managers, colleagues, and industry leaders • 10% structured learning, choosing training courses that fit your needs and your team's aims Entry Requirements Information Technology degree (or equivalent) Additional Requirements Due to the nature of our work, we may require you to have a full clean driving licence Good time management & organisational skills Computer literate with strong skills in Microsoft Office Applications (Word/Excel/Outlook/PowerPoint) . click apply for full job details
Finixio is a proudly Remote First group Position Overview: As the Head of IT Security, you will be responsible for designing, implementing, and overseeing comprehensive cybersecurity strategies to safeguard our organization's sensitive data and technology assets. In this leadership role, you will work closely with very agile, cross-functional teams, and collaborate with key stakeholders to ensure the highest standards of information security in a BYOD environment. Key Responsibilities: Strategic Planning: Develop and implement a strategic and forward-thinking IT security roadmap aligned with business objectives. Define, communicate, and champion security policies, standards, and procedures. Risk Management: Conduct regular risk assessments and vulnerability analyses to identify and mitigate potential security threats. Manage and maintain centrally managed devices for key company roles Collaborate with stakeholders and relevant departments to assess and manage security risks associated with BYOD practices. Security Architecture: Design, implement, and maintain a robust security architecture for the protection of data, networks, and systems. Oversee the deployment of security technologies and solutions. Incident Response: Establish and lead an incident response team to promptly address and mitigate security incidents. Develop and maintain an incident response plan and conduct regular drills. Security Awareness: Cultivate a strong security awareness culture among employees Provide training programs and resources to educate staff on best security practices, especially in a BYOD environment. Compliance: Ensure compliance with industry regulations, data protection laws, and cybersecurity standards. Stay current on emerging threats, technologies, and regulatory requirements. Collaboration: Work closely with HR, Finance and other departments to ensure a cohesive and collaborative approach to cybersecurity. "What's in it for me" we hear you ask? A brilliant opportunity to grow your career & work with a fun, fast-paced & growing company, prepared to let you shine An entrepreneurial environment where you learn more every day (we more than welcome and support people with their own projects) Build an organisation right from the "beginning" Personal responsibility with a ton of autonomy Truly remote working (Work anywhere in the world) 33/30 PTOto ensure that youare staying well-rounded & rested Market leading remuneration and bonuses available A budget for your professional development and ongoing learning An international team with over 40 nationalities About us: Based in Central London, but adopting a flexible and remote approach; Finixio is a Lead Generation and Affiliate Marketing company, building websites appealing to audiences worldwide. Our sites cover news, education, comparison and reviews, within the following exciting niches: Forex & Online Trading Stocks & Shares Personal Finance, Loans, Banking Cyber Security & Software Technology Casino & Online Gaming Health & Nutrition As part of a wider group, Finixio was formed in 2018 and is currently home to over 100 Websites / Brands - with more in the pipeline. It is a fantastic time to join our team of specialist digital marketers. With proven track records in our respective fields - we are well-funded, highly profitable (yes, already!), and primed for significant growth. At Finixio, we Value: Entrepreneurial spirit: We take initiative and seek out new opportunity Excellence: We strive for the best in everything we do Collaboration: We believe the best ideas come from working together Innovation: We embrace new ideas and technologies Our Culture is: Diverse and Inclusive Committed to continuous learning and development Focused on work-life balance and flexibility Celebrate our success and learning from failures Fun and supportive, where everyone is genuinely encouraged to be themselves Excited about this opportunity? Apply NOW! Finixio is an equal opportunity employer and we welcome applicants from ALL backgrounds.
Mar 26, 2024
Full time
Finixio is a proudly Remote First group Position Overview: As the Head of IT Security, you will be responsible for designing, implementing, and overseeing comprehensive cybersecurity strategies to safeguard our organization's sensitive data and technology assets. In this leadership role, you will work closely with very agile, cross-functional teams, and collaborate with key stakeholders to ensure the highest standards of information security in a BYOD environment. Key Responsibilities: Strategic Planning: Develop and implement a strategic and forward-thinking IT security roadmap aligned with business objectives. Define, communicate, and champion security policies, standards, and procedures. Risk Management: Conduct regular risk assessments and vulnerability analyses to identify and mitigate potential security threats. Manage and maintain centrally managed devices for key company roles Collaborate with stakeholders and relevant departments to assess and manage security risks associated with BYOD practices. Security Architecture: Design, implement, and maintain a robust security architecture for the protection of data, networks, and systems. Oversee the deployment of security technologies and solutions. Incident Response: Establish and lead an incident response team to promptly address and mitigate security incidents. Develop and maintain an incident response plan and conduct regular drills. Security Awareness: Cultivate a strong security awareness culture among employees Provide training programs and resources to educate staff on best security practices, especially in a BYOD environment. Compliance: Ensure compliance with industry regulations, data protection laws, and cybersecurity standards. Stay current on emerging threats, technologies, and regulatory requirements. Collaboration: Work closely with HR, Finance and other departments to ensure a cohesive and collaborative approach to cybersecurity. "What's in it for me" we hear you ask? A brilliant opportunity to grow your career & work with a fun, fast-paced & growing company, prepared to let you shine An entrepreneurial environment where you learn more every day (we more than welcome and support people with their own projects) Build an organisation right from the "beginning" Personal responsibility with a ton of autonomy Truly remote working (Work anywhere in the world) 33/30 PTOto ensure that youare staying well-rounded & rested Market leading remuneration and bonuses available A budget for your professional development and ongoing learning An international team with over 40 nationalities About us: Based in Central London, but adopting a flexible and remote approach; Finixio is a Lead Generation and Affiliate Marketing company, building websites appealing to audiences worldwide. Our sites cover news, education, comparison and reviews, within the following exciting niches: Forex & Online Trading Stocks & Shares Personal Finance, Loans, Banking Cyber Security & Software Technology Casino & Online Gaming Health & Nutrition As part of a wider group, Finixio was formed in 2018 and is currently home to over 100 Websites / Brands - with more in the pipeline. It is a fantastic time to join our team of specialist digital marketers. With proven track records in our respective fields - we are well-funded, highly profitable (yes, already!), and primed for significant growth. At Finixio, we Value: Entrepreneurial spirit: We take initiative and seek out new opportunity Excellence: We strive for the best in everything we do Collaboration: We believe the best ideas come from working together Innovation: We embrace new ideas and technologies Our Culture is: Diverse and Inclusive Committed to continuous learning and development Focused on work-life balance and flexibility Celebrate our success and learning from failures Fun and supportive, where everyone is genuinely encouraged to be themselves Excited about this opportunity? Apply NOW! Finixio is an equal opportunity employer and we welcome applicants from ALL backgrounds.
Your new company A large and well-known higher education institution within Glasgow. This company are in the midst of an IT transformation with both BAU work and multiple projects ongoing. They have a fantastic team culture with a real focus on employee well-being, whilst still meeting their deliverables and offering a chance to develop your career. Your new role As a Cyber Security and Ops Analyst, you will be responsible for monitoring threats and use your experience to effectively mitigate and nullify these risks in response. You will also be required to use, grow and maintain a wide-ranging knowledge of the organisations chosen security technology and ops processes and be comfortable utilising this to proactively resolve arising incidents. In addition, you will be comfortable enhancing and improving the existing security controls and troubleshoot and advise end users and stakeholders to reduce the frequency of incidents, automating where appropriate. What you/'ll need to succeed The ideal candidate will have experience of the following. Demonstrated the ability to create and implement new work procedures that are integrated into standard operations. Proficient in tools such as Microsoft Defender and Sentinel. Proficient in prioritising tasks and managing workloads effectively, with the ability to translate strategic goals into actionable plans. Strong interpersonal skills, with the ability to communicate and collaborate effectively with technical specialists, business stakeholders, and senior management. Skilled at producing clear and concise assessments of technical matters, and explaining complex concepts to non-technical audiences. Advanced analytical and problem-solving capabilities. Proven planning skills, with the ability to independently plan and manage workload in a fast-paced environment. What you/'ll get in return Salary up to £40,000 Hybrid Working environment Great career, progression and training opportunities. Fantastic pension contributing up to 25%. What you need to do now If you/'re interested in this role, click /'apply now/' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
Feb 01, 2024
Full time
Your new company A large and well-known higher education institution within Glasgow. This company are in the midst of an IT transformation with both BAU work and multiple projects ongoing. They have a fantastic team culture with a real focus on employee well-being, whilst still meeting their deliverables and offering a chance to develop your career. Your new role As a Cyber Security and Ops Analyst, you will be responsible for monitoring threats and use your experience to effectively mitigate and nullify these risks in response. You will also be required to use, grow and maintain a wide-ranging knowledge of the organisations chosen security technology and ops processes and be comfortable utilising this to proactively resolve arising incidents. In addition, you will be comfortable enhancing and improving the existing security controls and troubleshoot and advise end users and stakeholders to reduce the frequency of incidents, automating where appropriate. What you/'ll need to succeed The ideal candidate will have experience of the following. Demonstrated the ability to create and implement new work procedures that are integrated into standard operations. Proficient in tools such as Microsoft Defender and Sentinel. Proficient in prioritising tasks and managing workloads effectively, with the ability to translate strategic goals into actionable plans. Strong interpersonal skills, with the ability to communicate and collaborate effectively with technical specialists, business stakeholders, and senior management. Skilled at producing clear and concise assessments of technical matters, and explaining complex concepts to non-technical audiences. Advanced analytical and problem-solving capabilities. Proven planning skills, with the ability to independently plan and manage workload in a fast-paced environment. What you/'ll get in return Salary up to £40,000 Hybrid Working environment Great career, progression and training opportunities. Fantastic pension contributing up to 25%. What you need to do now If you/'re interested in this role, click /'apply now/' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
We have been made aware of a global phishing campaign where employees from companies are being impersonated. We are confident that no PageGroup system has been breached. Find out how to protect yourself Head of Risk, Information, Security and Compliance Swindon Permanent The business is planning for significant growth and transformation. Hybrid working practices in place. About Our Client UKSBS is a leading public sector shared service centre, providing high-quality HR, Payroll, Finance, Procurement and IT services to our partners. Owned by the Department of Science, Innovation and Technology (DSIT), the Department for Energy Security and Net Zero (DESNZ), the Department of Business and Trade (DBT) and UK Research and Innovation (UKRI). We provide a range of efficient, scalable, and expert Finance, HR and Payroll, Procurement and Business IT services helping the advancement of the UK's economy and society. We are motivated by a desire to deliver high-quality, efficient and reliable service to over 25,000 civil and public servants, employed by our clients. As a public sector-owned shared service centre, UK SBS is motivated by a desire to deliver the highest possible quality of service to our partner organisations. We are proud to play our part in contributing to the success of our partners. We aspire to be the leading UK public sector business service provider, efficiently and securely managing multiple technology platforms and delivering a great end-user experience, underpinned by simple processes and cutting-edge IT. Our operating model will balance harnessing the value for money and efficiency offered by greater automation and self-service, with responsive and personal interactions for more complex needs. Our flexible approach will enable us to flexibly support a wide and changing range of partner requirements. We plan to welcome new public sector partners to our mutual ownership model which will ensure the best value for the public purse. Our people will continue to be at the heart of our company, supported by empowered leaders and enabled by an inclusive and diverse working culture. Job Description You will be working closely with the Executive team and our Chief Executive Officer (Senior Information Risk Owner) with the responsibility and accountability for leading an expert team to ensure UKSBS (people, systems, information and premises) have robust, proportionate and cost-effective: Information Security. Incident Management, Business Continuity and Disaster Recovery. Information Management and Data Protection. Risk Management, Internal Controls and Audit Programme coordination. Counter Fraud, including legal requirements under the Bribery Act. You will also act as the Departmental Security Advisor. Flexibility may be required to respond to the changing needs of the organisation and the service. You may also be asked to undertake ad hoc activities in support of the Chief Executive Officer and other Executives. Responsibilities will include: Work closely across the Executive and Senior Leadership Group to ensure alignment of RISC objectives with the UKSBS business plan and operational plan. Performance lead and develop the Risk, Information, Security and Compliance (RISC) team, ensuring that members have appropriate business exposure, are professionally competent and highly motivated. Has accountability for ensuring the team operates to budget. Provide coaching and mentoring support to management colleagues across the business. Represent the Risk, Information, Security and Compliance (RISC) function, as required, at the UKSBS Committees. Represent UKSBS, as required, at the UKSBS Audit Committee and key partnership/client meetings. Ensure UKSBS has a positive working relationship with GIAA. Maintain a strong network of Risk, Information, Security and Compliance (RISC) contacts across Government, the public sector and wider business. Provide strategic, tactical, and operational advice to Executive and Senior Management. Design and deliver an appropriate suite of Risk, Information, Security and Compliance (RISC) strategies, policies and processes, maintaining legal compliance and alignment with HM government best practices. Drive cultural alignment to agreed policies across the organisation. Gain agreement from Executive and Audit Committees to an annual Risk, Information, Security and Compliance (RISC) delivery plan. Act as the Security Advisor, coordinating the company response to security-related matters, including assessing and making judgements in relation to risk on behalf of the SIRO and Executive. Providing senior level guidance and support to the Information Manager and Data Protection Officer, Senior Information Security Manager, Information Security Manager and Risk and Assurance Manager ensuring coordination that supports delivery by Digital and Information, Operations, and Partnerships and Change. Ensure delivery of the UKSBS annual audit plan as agreed by the Audit Committee. Support and report progress to close reported audit findings. Oversee the development and testing of business continuity and resilience plans. Act as the professional adviser to Gold and Silver command in the event of a business continuity incident Ensure UKSBS' cyber security is maintained Ensure planning, delivery and reporting of an annual cycle of mandatory Risk, Information, Security and Compliance (RISC) training. Oversee the quality and timeliness of reporting, papers and reports for formal meetings and supporting communications material. Identify opportunities for control enhancements, service/quality improvements and operational efficiency. Act as Programme Lead / SRO for activities, as required, ensuring appropriate governance is maintained and dependencies to other programmes are addressed. Act as Project Manager for key projects when necessary. Identify, monitor and report business case benefits, and evidence success. The Successful Applicant A significant specialist background in Risk, Information Management, Business Continuity and Information Assurance / Security, ideally with recognised qualifications. Experience in managing IT security frameworks for both physical and personal security. Demonstrable experience in budgeting, planning and analysis. Experience in building and maintaining strong working relationships. Ability to think commercially and strategically. Organised with project management skills. Excellent team leadership skills and behaviours. Experienced team player - able to listen and contribute in equal measure and engage with and encourage a wide range of opinions. Strong presentation, written and oral communication skills. Strong numeracy and analytic skills informing evidence-based decisions. Excellent interpersonal skills, able to influence, build and maintain strong working relationships with a wide range of stakeholders; collaborative and consultative. Motivated, adaptable and proactive with the ability to work flexibly in a changing environment; highly resilient and politically astute. Auditing and/or management of audit activity; possibly with recognised qualifications. Experience in shared service and/or customer service delivery Experience in the public sector. Likely to be educated to degree level. What's on Offer A competitive salary - to be discussed on a one-to-one basis. Excellent defined Pension scheme with an employer contribution of 27%. Annual leave allowance of 28 days rising after the first year to a maximum of 30 days. Hybrid working provides the flexibility to work from the office and at home with Offices in Swindon, Newport and Billingham (plus a season ticket loan to spread the travel cost) Childcare scheme and on-site nursery (at our Swindon office) Parental leave and family-friendly policies. Three volunteering days each year enabling you to pursue your passion to support the local community. Wellbeing support through our Employment Assistance Programme and other Wellbeing tools. Cycle to work scheme and on-site facilities On-the-job training, coaching, and in-house courses to build on your personal and professional skills Financial support and flexibility while you work towards professional qualifications Celebrating and recognising employee achievements through our recognition scheme Clear and flexible career pathways and opportunities to widen your experience to support your progression Michael Page is part of the PageGroup. Michael Page is a trading name of Michael Page International Recruitment Limited. Registered in England No. Registered Office: 200 Dashwood Lang Road, Bourne Business Park, Addlestone, Surrey, KT15 2NX
Jan 27, 2024
Full time
We have been made aware of a global phishing campaign where employees from companies are being impersonated. We are confident that no PageGroup system has been breached. Find out how to protect yourself Head of Risk, Information, Security and Compliance Swindon Permanent The business is planning for significant growth and transformation. Hybrid working practices in place. About Our Client UKSBS is a leading public sector shared service centre, providing high-quality HR, Payroll, Finance, Procurement and IT services to our partners. Owned by the Department of Science, Innovation and Technology (DSIT), the Department for Energy Security and Net Zero (DESNZ), the Department of Business and Trade (DBT) and UK Research and Innovation (UKRI). We provide a range of efficient, scalable, and expert Finance, HR and Payroll, Procurement and Business IT services helping the advancement of the UK's economy and society. We are motivated by a desire to deliver high-quality, efficient and reliable service to over 25,000 civil and public servants, employed by our clients. As a public sector-owned shared service centre, UK SBS is motivated by a desire to deliver the highest possible quality of service to our partner organisations. We are proud to play our part in contributing to the success of our partners. We aspire to be the leading UK public sector business service provider, efficiently and securely managing multiple technology platforms and delivering a great end-user experience, underpinned by simple processes and cutting-edge IT. Our operating model will balance harnessing the value for money and efficiency offered by greater automation and self-service, with responsive and personal interactions for more complex needs. Our flexible approach will enable us to flexibly support a wide and changing range of partner requirements. We plan to welcome new public sector partners to our mutual ownership model which will ensure the best value for the public purse. Our people will continue to be at the heart of our company, supported by empowered leaders and enabled by an inclusive and diverse working culture. Job Description You will be working closely with the Executive team and our Chief Executive Officer (Senior Information Risk Owner) with the responsibility and accountability for leading an expert team to ensure UKSBS (people, systems, information and premises) have robust, proportionate and cost-effective: Information Security. Incident Management, Business Continuity and Disaster Recovery. Information Management and Data Protection. Risk Management, Internal Controls and Audit Programme coordination. Counter Fraud, including legal requirements under the Bribery Act. You will also act as the Departmental Security Advisor. Flexibility may be required to respond to the changing needs of the organisation and the service. You may also be asked to undertake ad hoc activities in support of the Chief Executive Officer and other Executives. Responsibilities will include: Work closely across the Executive and Senior Leadership Group to ensure alignment of RISC objectives with the UKSBS business plan and operational plan. Performance lead and develop the Risk, Information, Security and Compliance (RISC) team, ensuring that members have appropriate business exposure, are professionally competent and highly motivated. Has accountability for ensuring the team operates to budget. Provide coaching and mentoring support to management colleagues across the business. Represent the Risk, Information, Security and Compliance (RISC) function, as required, at the UKSBS Committees. Represent UKSBS, as required, at the UKSBS Audit Committee and key partnership/client meetings. Ensure UKSBS has a positive working relationship with GIAA. Maintain a strong network of Risk, Information, Security and Compliance (RISC) contacts across Government, the public sector and wider business. Provide strategic, tactical, and operational advice to Executive and Senior Management. Design and deliver an appropriate suite of Risk, Information, Security and Compliance (RISC) strategies, policies and processes, maintaining legal compliance and alignment with HM government best practices. Drive cultural alignment to agreed policies across the organisation. Gain agreement from Executive and Audit Committees to an annual Risk, Information, Security and Compliance (RISC) delivery plan. Act as the Security Advisor, coordinating the company response to security-related matters, including assessing and making judgements in relation to risk on behalf of the SIRO and Executive. Providing senior level guidance and support to the Information Manager and Data Protection Officer, Senior Information Security Manager, Information Security Manager and Risk and Assurance Manager ensuring coordination that supports delivery by Digital and Information, Operations, and Partnerships and Change. Ensure delivery of the UKSBS annual audit plan as agreed by the Audit Committee. Support and report progress to close reported audit findings. Oversee the development and testing of business continuity and resilience plans. Act as the professional adviser to Gold and Silver command in the event of a business continuity incident Ensure UKSBS' cyber security is maintained Ensure planning, delivery and reporting of an annual cycle of mandatory Risk, Information, Security and Compliance (RISC) training. Oversee the quality and timeliness of reporting, papers and reports for formal meetings and supporting communications material. Identify opportunities for control enhancements, service/quality improvements and operational efficiency. Act as Programme Lead / SRO for activities, as required, ensuring appropriate governance is maintained and dependencies to other programmes are addressed. Act as Project Manager for key projects when necessary. Identify, monitor and report business case benefits, and evidence success. The Successful Applicant A significant specialist background in Risk, Information Management, Business Continuity and Information Assurance / Security, ideally with recognised qualifications. Experience in managing IT security frameworks for both physical and personal security. Demonstrable experience in budgeting, planning and analysis. Experience in building and maintaining strong working relationships. Ability to think commercially and strategically. Organised with project management skills. Excellent team leadership skills and behaviours. Experienced team player - able to listen and contribute in equal measure and engage with and encourage a wide range of opinions. Strong presentation, written and oral communication skills. Strong numeracy and analytic skills informing evidence-based decisions. Excellent interpersonal skills, able to influence, build and maintain strong working relationships with a wide range of stakeholders; collaborative and consultative. Motivated, adaptable and proactive with the ability to work flexibly in a changing environment; highly resilient and politically astute. Auditing and/or management of audit activity; possibly with recognised qualifications. Experience in shared service and/or customer service delivery Experience in the public sector. Likely to be educated to degree level. What's on Offer A competitive salary - to be discussed on a one-to-one basis. Excellent defined Pension scheme with an employer contribution of 27%. Annual leave allowance of 28 days rising after the first year to a maximum of 30 days. Hybrid working provides the flexibility to work from the office and at home with Offices in Swindon, Newport and Billingham (plus a season ticket loan to spread the travel cost) Childcare scheme and on-site nursery (at our Swindon office) Parental leave and family-friendly policies. Three volunteering days each year enabling you to pursue your passion to support the local community. Wellbeing support through our Employment Assistance Programme and other Wellbeing tools. Cycle to work scheme and on-site facilities On-the-job training, coaching, and in-house courses to build on your personal and professional skills Financial support and flexibility while you work towards professional qualifications Celebrating and recognising employee achievements through our recognition scheme Clear and flexible career pathways and opportunities to widen your experience to support your progression Michael Page is part of the PageGroup. Michael Page is a trading name of Michael Page International Recruitment Limited. Registered in England No. Registered Office: 200 Dashwood Lang Road, Bourne Business Park, Addlestone, Surrey, KT15 2NX
Cyber Threat Intelligence Specialist City of London (hybrid) Up to £67,000 per annum + annual discretionary bonus On behalf of a City of London based financial services organisation, I am seeking an experienced Cyber Threat Intelligence Specialist to join their team. As a Cyber Threat Intelligence Specialist, you will strengthen the Group's Threat Intelligence program by collecting, processing, analysing, and disseminating actionable intelligence, and driving the continual growth and maturity of the program. The ideal candidate will have the ability to aggregate and present intelligence at the strategic, operational, and tactical level. Due to the organisation operating a hybrid work model, you must be within commutable distance of their City of London offices and willing to be office based at least 2 days per week. Responsibilities: Build relationships and work with stakeholders from within Cyber Security and the wider organisation to define intelligence requirements. Maintain knowledge and understanding of the cyber threats facing financial organisations. Coordinate the implementation and ongoing management of threat intelligence tools and platforms. Identify strategic, tactical, and operational intelligence trends, patterns, and behaviour to provide business-focused, impactful intelligence. Develop and deliver high quality written and verbal briefing material, communicating the threat landscape for a range of audiences up to and including C suite. Manage relationships and outputs of third-party Cyber Threat Intelligence partners. Support threat detection and incident response activities with research and analysis. Enable the wider organisation to use threat intelligence for informed decision making. Explore opportunities to work with other financial institutes, regulators, and authorities to share intelligence. Skills/Experience required: In-depth knowledge of the current tactics, techniques, and procedures (TTPs) used by threat actors and experience using frameworks such as MITRE ATT&CK. Strong technical and analytical security skills required with a minimum of 2 years' experience working in an intelligence role. Strong understanding of the Threat Intelligence life cycle methodology. Communication and presentation skills, with the ability to explain complex topics simply. Knowledge of security operations, network monitoring or analysis, intrusion or anomaly detection analysis, threat hunting, threat attribution assessment. Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools, and forensic analysis tools. Knowledge of and experience with web Proxy, Firewalls, IPS, IDS, mail content scanning appliances, enterprise Antivirus solutions, Network Analysers, and domain name Servers desired Good understanding of TCP/IP and networking technologies/protocols Experience of working in an NIST and/or ITIL controlled environment. Should be working towards or have one or several the following certifications: CRTIA, CRTIM, CRISC, CISSP, CCSP, Relevant GIAC certifications.
Jan 26, 2024
Full time
Cyber Threat Intelligence Specialist City of London (hybrid) Up to £67,000 per annum + annual discretionary bonus On behalf of a City of London based financial services organisation, I am seeking an experienced Cyber Threat Intelligence Specialist to join their team. As a Cyber Threat Intelligence Specialist, you will strengthen the Group's Threat Intelligence program by collecting, processing, analysing, and disseminating actionable intelligence, and driving the continual growth and maturity of the program. The ideal candidate will have the ability to aggregate and present intelligence at the strategic, operational, and tactical level. Due to the organisation operating a hybrid work model, you must be within commutable distance of their City of London offices and willing to be office based at least 2 days per week. Responsibilities: Build relationships and work with stakeholders from within Cyber Security and the wider organisation to define intelligence requirements. Maintain knowledge and understanding of the cyber threats facing financial organisations. Coordinate the implementation and ongoing management of threat intelligence tools and platforms. Identify strategic, tactical, and operational intelligence trends, patterns, and behaviour to provide business-focused, impactful intelligence. Develop and deliver high quality written and verbal briefing material, communicating the threat landscape for a range of audiences up to and including C suite. Manage relationships and outputs of third-party Cyber Threat Intelligence partners. Support threat detection and incident response activities with research and analysis. Enable the wider organisation to use threat intelligence for informed decision making. Explore opportunities to work with other financial institutes, regulators, and authorities to share intelligence. Skills/Experience required: In-depth knowledge of the current tactics, techniques, and procedures (TTPs) used by threat actors and experience using frameworks such as MITRE ATT&CK. Strong technical and analytical security skills required with a minimum of 2 years' experience working in an intelligence role. Strong understanding of the Threat Intelligence life cycle methodology. Communication and presentation skills, with the ability to explain complex topics simply. Knowledge of security operations, network monitoring or analysis, intrusion or anomaly detection analysis, threat hunting, threat attribution assessment. Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools, and forensic analysis tools. Knowledge of and experience with web Proxy, Firewalls, IPS, IDS, mail content scanning appliances, enterprise Antivirus solutions, Network Analysers, and domain name Servers desired Good understanding of TCP/IP and networking technologies/protocols Experience of working in an NIST and/or ITIL controlled environment. Should be working towards or have one or several the following certifications: CRTIA, CRTIM, CRISC, CISSP, CCSP, Relevant GIAC certifications.
The Institution of Engineering & Technology
Stevenage, Hertfordshire
Data Protection Specialist circa £35,000 - £39,200 per annum, dependent on experience Stevenage, Hertfordshire (with Hybrid Working) What if you could be key to delivering the IET's data protection compliance strategy? What if you could join a proactive and collaborative team focused on the timely delivery of first-class advice and guidance? What if you were our Data Protection Specialist? At the IET, making our world a better place starts by creating a better place for our people. At the IET you'll have more than just a job. Our work is exciting and challenging, connecting the people who solve the problems that matter. It means working with us has real meaning and impact, and you'll grow - professionally and personally - in ways you never thought possible. We're also making significant investments in our people, including providing a modern, vibrant workplace and embracing hybrid working. What you'll be doing Reporting into the Data Protection Officer, you'll support the provision of all data protection and information governance guidance to ensure the IET continues to meet national and international information legislation, regulation, and best practice. This role benefits from Hybrid working, this means home working and attending the Stevenage office typically two to three times a week. What we hope you can bring to the role You'll have experience from a previous data protection/information governance role as well as excellent up to date knowledge of national and international data protection law. You'll be a confident, enthusiastic, self- motivated individual who is keen to get into detail and provide expert guidance and advice to IET colleagues. With excellent interpersonal skills, you'll be able to effectively manage stakeholders and influence attitudes and behaviours. We'd love to get to know you Is Imposter syndrome creeping in? Don't worry - we'd rather hear from you this time than not hear from you at all! Read on for a little more information about the role; but also, keep in mind that we're open to discussing flexible ways of working, including reduced hours, and working in an agile way, supported by a hybrid working framework that allows you to find the best place to do your best work. A little more about the role Support the Data Protection Officer (DPO) and organisation on all data protection and information law matters. Help build and foster strong relationships across the organisation, subsidiaries and with external parties. Help guide the organisation on the impact of existing and new regulatory changes. Advise on processing of personal data UK/ EEA and internationally and implications of local data protection laws, particularly for IET offices based in USA, China, India, Hong Kong. Help embed a 'data privacy by design and default' culture across the organisation. Ensure Privacy Notices are in place and up to date where required. Support the organisation with Data Protection Impact and data risk assessments. Manage and maintain the Records of Processing Activity. Support and coordinate the data protection and information security training and awareness programme and help design annual education initiatives to engage the executive board, senior leadership team, staff and volunteers. Update and manage the data protection and privacy suite of policies and guidance. Maintain the Privacy Office Intranet Hub. Support the incident and breach response management programme. Lead and manage data subject rights requests. Support the information security/cyber security plan and global governance strategy. Support the data protection third party due diligence process. Assist and advise on data protection contract clauses and conduct data transfer risk assessments where applicable. Administer privacy key performance indicators (KPI's) and support the data protection compliance monitoring programme. Comply with data protection law and act responsibly on matters of data disclosure both internally and to third parties A little more about what we're looking for Excellent national and international data protection law knowledge (Data Protection Act 2018 and EU/UK GDPR, and PECR) Willingness to learn and maintain up to date data protection legislation and to study and work towards data protection qualifications Demonstrable experience in a data protection or information governance role, or compliance, legal background. Experience in preparing contracts/ agreements to include data protection mechanisms Great communication skills at all levels including written, verbal and presentation skills. Ability to risk assess and make good judgements regarding data protection and privacy risks. Analytical and investigative skills Good skills in leading, persuading and influencing. Excellent ability to absorb complex information, applying this to the IET and clearly communicating to the wider business Strong team working skills Good commercial awareness. Project management skills. Flexible within a changing environment Ability to create and embed needs assessed compliance training strategies. What if you could be you? The IET is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. To find out more, head over to our 'Work for the IET' site.
Dec 10, 2022
Full time
Data Protection Specialist circa £35,000 - £39,200 per annum, dependent on experience Stevenage, Hertfordshire (with Hybrid Working) What if you could be key to delivering the IET's data protection compliance strategy? What if you could join a proactive and collaborative team focused on the timely delivery of first-class advice and guidance? What if you were our Data Protection Specialist? At the IET, making our world a better place starts by creating a better place for our people. At the IET you'll have more than just a job. Our work is exciting and challenging, connecting the people who solve the problems that matter. It means working with us has real meaning and impact, and you'll grow - professionally and personally - in ways you never thought possible. We're also making significant investments in our people, including providing a modern, vibrant workplace and embracing hybrid working. What you'll be doing Reporting into the Data Protection Officer, you'll support the provision of all data protection and information governance guidance to ensure the IET continues to meet national and international information legislation, regulation, and best practice. This role benefits from Hybrid working, this means home working and attending the Stevenage office typically two to three times a week. What we hope you can bring to the role You'll have experience from a previous data protection/information governance role as well as excellent up to date knowledge of national and international data protection law. You'll be a confident, enthusiastic, self- motivated individual who is keen to get into detail and provide expert guidance and advice to IET colleagues. With excellent interpersonal skills, you'll be able to effectively manage stakeholders and influence attitudes and behaviours. We'd love to get to know you Is Imposter syndrome creeping in? Don't worry - we'd rather hear from you this time than not hear from you at all! Read on for a little more information about the role; but also, keep in mind that we're open to discussing flexible ways of working, including reduced hours, and working in an agile way, supported by a hybrid working framework that allows you to find the best place to do your best work. A little more about the role Support the Data Protection Officer (DPO) and organisation on all data protection and information law matters. Help build and foster strong relationships across the organisation, subsidiaries and with external parties. Help guide the organisation on the impact of existing and new regulatory changes. Advise on processing of personal data UK/ EEA and internationally and implications of local data protection laws, particularly for IET offices based in USA, China, India, Hong Kong. Help embed a 'data privacy by design and default' culture across the organisation. Ensure Privacy Notices are in place and up to date where required. Support the organisation with Data Protection Impact and data risk assessments. Manage and maintain the Records of Processing Activity. Support and coordinate the data protection and information security training and awareness programme and help design annual education initiatives to engage the executive board, senior leadership team, staff and volunteers. Update and manage the data protection and privacy suite of policies and guidance. Maintain the Privacy Office Intranet Hub. Support the incident and breach response management programme. Lead and manage data subject rights requests. Support the information security/cyber security plan and global governance strategy. Support the data protection third party due diligence process. Assist and advise on data protection contract clauses and conduct data transfer risk assessments where applicable. Administer privacy key performance indicators (KPI's) and support the data protection compliance monitoring programme. Comply with data protection law and act responsibly on matters of data disclosure both internally and to third parties A little more about what we're looking for Excellent national and international data protection law knowledge (Data Protection Act 2018 and EU/UK GDPR, and PECR) Willingness to learn and maintain up to date data protection legislation and to study and work towards data protection qualifications Demonstrable experience in a data protection or information governance role, or compliance, legal background. Experience in preparing contracts/ agreements to include data protection mechanisms Great communication skills at all levels including written, verbal and presentation skills. Ability to risk assess and make good judgements regarding data protection and privacy risks. Analytical and investigative skills Good skills in leading, persuading and influencing. Excellent ability to absorb complex information, applying this to the IET and clearly communicating to the wider business Strong team working skills Good commercial awareness. Project management skills. Flexible within a changing environment Ability to create and embed needs assessed compliance training strategies. What if you could be you? The IET is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. To find out more, head over to our 'Work for the IET' site.
Job title: IM&T - Cyber Security Practitioner Location: Barrow-in-Furness (Hybrid working, 2-days per fortnight on site) We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this role. Salary: Competitive Referral Scheme Bonus: £1000 Grade: S5 What you'll be doing: Supporting the implementation and on-going requirements for the Portable Electronic Device policy (PED), and relevant security controls in relation to Information Protection Zones (IPZ) Supporting day-to-day operation of the Identity & Access Management (IdAM) & Data Loss Prevention (DLP) Product Group, Incident Resolution, & Transactional demand driven by business requirements and end user access issues relating to classified information Supporting and delivering the Cyber Security Strategic Vision through existing and future capability. Exploiting current & future toolsets in support of Incident Response and Management Capability and supporting the delivery of a forensic analysis capability Delegated responsibilities from the Product Manager/Deputising for Product Manager as required Facilitating Specialist Working Groups, drawing subject matter expertise from the business and customers, and developing/improving Cyber Security policies and guidance Consulting with major IT Projects and Programmes, ensuring they comply with Cyber Security policies Monitoring Cyber Security controls against policy to ensure their effective operation Your skills and experiences: Essential : Good knowledge of Cyber Security and working with networks/systems/software packages Strong IT/Information Management experience and gathering and analysing, composing reports and delivering presentations Good problem solving & communication skills in a technical environment, with confidence presenting to internal/external stakeholders Experience of the implementation, or operation of Cyber Security policies Desirable : Holding a CISM, CISA or CISSP qualification would be beneficial Benefits: You'll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You'll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts - you may also be eligible for an annual incentive. The Cyber Security team: The Cyber Security Team supports the Submarines Business in terms of advice and guidance relating to the Security of Information on the Programmes, and across the wider enterprise. We advise and support users on their personal responsibilities and utilise the controls in place to ensure we meet our contractual obligations to the customer. Working closely with our IT support partners and suppliers we resolve user / business raised incidents related to the controls we have in place. You can join us at an exciting time, as our future plans over the next 5 years are for the function to increase its operations, exploiting our current capability, and from the introduction of the latest Security technology. As a Cyber Security Practitioner, you will be involved in the analysis of Information Security requirements and the assessment of compliance with these requirements, developing action plans to address identified non-compliances. You will also identify improvement opportunities and ensure their implementation. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments." Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation.
Dec 08, 2022
Full time
Job title: IM&T - Cyber Security Practitioner Location: Barrow-in-Furness (Hybrid working, 2-days per fortnight on site) We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this role. Salary: Competitive Referral Scheme Bonus: £1000 Grade: S5 What you'll be doing: Supporting the implementation and on-going requirements for the Portable Electronic Device policy (PED), and relevant security controls in relation to Information Protection Zones (IPZ) Supporting day-to-day operation of the Identity & Access Management (IdAM) & Data Loss Prevention (DLP) Product Group, Incident Resolution, & Transactional demand driven by business requirements and end user access issues relating to classified information Supporting and delivering the Cyber Security Strategic Vision through existing and future capability. Exploiting current & future toolsets in support of Incident Response and Management Capability and supporting the delivery of a forensic analysis capability Delegated responsibilities from the Product Manager/Deputising for Product Manager as required Facilitating Specialist Working Groups, drawing subject matter expertise from the business and customers, and developing/improving Cyber Security policies and guidance Consulting with major IT Projects and Programmes, ensuring they comply with Cyber Security policies Monitoring Cyber Security controls against policy to ensure their effective operation Your skills and experiences: Essential : Good knowledge of Cyber Security and working with networks/systems/software packages Strong IT/Information Management experience and gathering and analysing, composing reports and delivering presentations Good problem solving & communication skills in a technical environment, with confidence presenting to internal/external stakeholders Experience of the implementation, or operation of Cyber Security policies Desirable : Holding a CISM, CISA or CISSP qualification would be beneficial Benefits: You'll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You'll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts - you may also be eligible for an annual incentive. The Cyber Security team: The Cyber Security Team supports the Submarines Business in terms of advice and guidance relating to the Security of Information on the Programmes, and across the wider enterprise. We advise and support users on their personal responsibilities and utilise the controls in place to ensure we meet our contractual obligations to the customer. Working closely with our IT support partners and suppliers we resolve user / business raised incidents related to the controls we have in place. You can join us at an exciting time, as our future plans over the next 5 years are for the function to increase its operations, exploiting our current capability, and from the introduction of the latest Security technology. As a Cyber Security Practitioner, you will be involved in the analysis of Information Security requirements and the assessment of compliance with these requirements, developing action plans to address identified non-compliances. You will also identify improvement opportunities and ensure their implementation. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments." Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation.
Director - Cyber Defense Operations DFIR The Director Cyber Defence Operations is responsible for leading a global team providing proactive threat detection and response capabilities across a vast technology environment encompassing both traditional on-premise and cutting-edge cloud native assets. The role will drive the strategic direction of the function, as well as providing hands-on expertise in predicting, preventing, detecting and responding to security threats of all types and sophistications. The Director Cyber Defence Operations will be a vocal proponent of modern approaches to autonomic security operations, driving a threat intelligence lead, data driven and engineering rooted philosophy across the team and wider business. The ideal candidate will be as comfortable presenting to senior stakeholders as they are deep in the depths of a complex and multi-faceted digital forensics investigation and will thrive on coming up with exciting new solutions to a broad range of standard and cutting-edge problems and seeing them through from design to execution. The Director Cyber Defence Operations will be a role model to the team and will succeed by continually upskilling others through their experiences, mindset and capabilities. Always challenging the status quo, looking at areas for development and not being afraid to seek out and eradicate problems to ensure the security of the business. Key Responsibilities: Lead and manage a global team of specialists performing continuous threat detection and response operations including: Signals acquisition Detection engineering Attack analysis Proactive threat hunting Incident response / incident management Digital forensics / malware analysis Own, develop, maintain and exercise cyber incident response plans, processes and playbooks. Work closely with Security Engineering teams to: Recommend system tuning/configuration improvements. Leverage and oversee automation & orchestration initiatives. Identify opportunities for application of data science techniques. Drive strategic capability development roadmap for TDR. Integration and exploitation of cyber threat intelligence in conjunction with internal CTI team and external sources. Ensure operational excellence through measurements, KPIs, reporting and continual process improvement. Evangelise forward thinking data and engineering lead operational models such as: Detection-as-code Autonomic security operations DevSecOps Continuous validation/testing Cloud-native security operations. Develop and manage a personnel skill and capabilities development framework. Continuous professional development through training, conferences and self-education. Required Skills: Significant and demonstrable experience working in advanced detection, threat hunting and/or incident response function as a lead. Experience developing incident response processes and supporting documentation. Understanding and application of proactive hypothesis-based threat hunting methodologies. Application and exploitation of common frameworks such as MITRE ATT&CK, NIST etc. Proficient in performing complex investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools across Windows, MacOS and Linux. Hands-on experience with modern detection technologies such as EDR/XDR, SIEM (Splunk/Sentinel), SOAR, NIPS/HIPS. Extensive knowledge of networking concepts, including network detection and response tooling and intrusion prevention (Snort, Zeek, Suricata etc.) Proficient with investigating large-scale data compromise events across a hybrid on-premise, public and private cloud environment (AWS, Azure, GCP preferred). Understanding and experience investigating and responding to incidents in cloud native technologies such as containers (Kubernetes, AWS ECS/Fargate) and serverless (AWS Lambda). Knowledge of digital forensics forensic best practices and industry standard methodologies including chain of custody, evidence acquisition and appropriate tooling (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT etc.) Able to articulate and visually present complex forensic investigation and analysis results equally effectively to both industry professionals and internal business partners. Proficiency in at least one or more modern programming or scripting languages (Python, Go, Rust etc.) Evidence of previous security solution design, implementation and engineering successes. Understating of DevSecOps approach and implementation of "everything-as-code" models. Experience acting as a technical team lead and mentor to junior team members. Strong verbal and written communication skills. Qualifications & Experience: Degrees non-essential - equivalent prior work experience in the field, a must. Industry standard certifications (GCFA, GNFA, GCFE, CFCE, OSCP, CREST etc) are a plus but not essential. Memberships and participation in relevant professional associations (ISC2, ISACA etc). Previous contributions to the industry (conference talks, code projects, volunteering). Job: TECHNOLOGY Organization: Corporate Strategy & Technology Schedule: FULL_TIME Req ID: 9085
Dec 06, 2022
Full time
Director - Cyber Defense Operations DFIR The Director Cyber Defence Operations is responsible for leading a global team providing proactive threat detection and response capabilities across a vast technology environment encompassing both traditional on-premise and cutting-edge cloud native assets. The role will drive the strategic direction of the function, as well as providing hands-on expertise in predicting, preventing, detecting and responding to security threats of all types and sophistications. The Director Cyber Defence Operations will be a vocal proponent of modern approaches to autonomic security operations, driving a threat intelligence lead, data driven and engineering rooted philosophy across the team and wider business. The ideal candidate will be as comfortable presenting to senior stakeholders as they are deep in the depths of a complex and multi-faceted digital forensics investigation and will thrive on coming up with exciting new solutions to a broad range of standard and cutting-edge problems and seeing them through from design to execution. The Director Cyber Defence Operations will be a role model to the team and will succeed by continually upskilling others through their experiences, mindset and capabilities. Always challenging the status quo, looking at areas for development and not being afraid to seek out and eradicate problems to ensure the security of the business. Key Responsibilities: Lead and manage a global team of specialists performing continuous threat detection and response operations including: Signals acquisition Detection engineering Attack analysis Proactive threat hunting Incident response / incident management Digital forensics / malware analysis Own, develop, maintain and exercise cyber incident response plans, processes and playbooks. Work closely with Security Engineering teams to: Recommend system tuning/configuration improvements. Leverage and oversee automation & orchestration initiatives. Identify opportunities for application of data science techniques. Drive strategic capability development roadmap for TDR. Integration and exploitation of cyber threat intelligence in conjunction with internal CTI team and external sources. Ensure operational excellence through measurements, KPIs, reporting and continual process improvement. Evangelise forward thinking data and engineering lead operational models such as: Detection-as-code Autonomic security operations DevSecOps Continuous validation/testing Cloud-native security operations. Develop and manage a personnel skill and capabilities development framework. Continuous professional development through training, conferences and self-education. Required Skills: Significant and demonstrable experience working in advanced detection, threat hunting and/or incident response function as a lead. Experience developing incident response processes and supporting documentation. Understanding and application of proactive hypothesis-based threat hunting methodologies. Application and exploitation of common frameworks such as MITRE ATT&CK, NIST etc. Proficient in performing complex investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools across Windows, MacOS and Linux. Hands-on experience with modern detection technologies such as EDR/XDR, SIEM (Splunk/Sentinel), SOAR, NIPS/HIPS. Extensive knowledge of networking concepts, including network detection and response tooling and intrusion prevention (Snort, Zeek, Suricata etc.) Proficient with investigating large-scale data compromise events across a hybrid on-premise, public and private cloud environment (AWS, Azure, GCP preferred). Understanding and experience investigating and responding to incidents in cloud native technologies such as containers (Kubernetes, AWS ECS/Fargate) and serverless (AWS Lambda). Knowledge of digital forensics forensic best practices and industry standard methodologies including chain of custody, evidence acquisition and appropriate tooling (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT etc.) Able to articulate and visually present complex forensic investigation and analysis results equally effectively to both industry professionals and internal business partners. Proficiency in at least one or more modern programming or scripting languages (Python, Go, Rust etc.) Evidence of previous security solution design, implementation and engineering successes. Understating of DevSecOps approach and implementation of "everything-as-code" models. Experience acting as a technical team lead and mentor to junior team members. Strong verbal and written communication skills. Qualifications & Experience: Degrees non-essential - equivalent prior work experience in the field, a must. Industry standard certifications (GCFA, GNFA, GCFE, CFCE, OSCP, CREST etc) are a plus but not essential. Memberships and participation in relevant professional associations (ISC2, ISACA etc). Previous contributions to the industry (conference talks, code projects, volunteering). Job: TECHNOLOGY Organization: Corporate Strategy & Technology Schedule: FULL_TIME Req ID: 9085
Term: Permanent Department: Privacy & Data Protection Location: London The Team Fieldfisher's Privacy, Security and Information team is one of the largest and most specialised European privacy and data protection teams, with a truly global outlook. We are a specialist, market-leading team with international coverage, including offices in Europe, China and the USA (Silicon Valley), and a unique expertise gained over years of advising on business-critical global privacy and data protection projects and technology work. We advise clients across the whole spectrum of data privacy and data security law: from large, multinational blue-chip clients through to disruptive start-ups designing for compliance on a limited budget. Our clients come from all possible industries and sectors: from digital media, technology and cloud businesses through to retail, financial services, professional services and healthcare. Through our Silicon Valley footprint, we also have a particularly strong relationship with leading brand US-led technology companies operating in Europe. Our Privacy, Security and Information team aligns itself across three broad privacy pillars: 1. Operational Compliance: We advise our clients on policies, procedures and practices to ensure their operational processes are compliant with data protection requirements. We also advise on the wide range of practical and strategic implications presented by operational compliance issues. 2. Commercial and Product: We work with some of the largest and most sophisticated companies in the world on commercial and product-related data protection work. We guide clients to achieve their commercial and product-oriented goals in a way that provides effective protection for individuals' data. 3. Cyber and crisis-management: Recent legislation has introduced new requirements for reporting cyber security incidents to both regulators and to affected individuals. At the same time, it has removed barriers for individuals making requests to access significant volumes of data. We help our clients prepare for these risks and mitigate for them as and when they arise. Responsibilities We are looking for an ambitious-senior level lawyer (Senior Associate to Director level) to join our team in London. Candidates must have experience of international data privacy and security matters. Experience advising clients on complex technology issues (e.g. augmented reality and virtual reality issues), cloud technologies and adtech issues is particularly welcomed. The selected candidate will report primarily to Phil Lee, a partner in the team. You will be working on a whole range of privacy, data protection and data security matters, including compliance with the EU and UK General Data Protection Regulation, international data transfers, data security breaches, direct marketing and ePrivacy as well as a whole range of global privacy and data protection matters, including, BCRs and Standard Contractual Clauses and tech and e-marketing issues. In particular, we are looking for a candidate who can play a leading role in supporting our team's large adtech and complex technology client base, and has the skills, experience and confidence to act with a high level of autonomy. The role will involve taking instructions and managing, coordinating, and advising on a diverse range of issues. These instructions will include advising on innovative legal issues, commercial contract drafting, DPA negotiations with customers and suppliers, direct marketing and cookie compliance advice, subject access request management, security incident response, product compliance reviews, acting on regulatory enquiries, and more. This support will predominantly be provided from Fieldfisher's London offices. Whilst there is a preference for full-time candidates, part-time candidates and flexible working will also be considered and we will consider talented non UK qualified lawyers with relevant experience. Key Skills & Experience The ideal candidate should meet the following criteria: A qualified lawyer with relevant post-qualification experience Proven experience in EU and UK privacy law and data protection matters. Strong interpersonal and client relationship skills An ability to work independently and manage large projects with minimal partner supervision. A team player who is able to delegate and effectively supervise the work of more junior lawyers, trainees and paralegals Technically competent but able to digest, apply and communicate the law in a commercial and pragmatic way that achieves our clients' objectives. Excellent academic history. Experience and a keen interest in marketing and business development. A confident and professional manner. Excellent oral and written communication skills The Firm Fieldfisher is a European law firm with market leading practices in many of the world's most dynamic sectors. We are an exciting, forward-thinking organisation with a particular focus on technology, finance & financial services, energy & natural resources, life sciences and media. Our growing European network of offices supports an international client base alongside our Silicon Valley and China colleagues. We also work in a number of other jurisdictions through dedicated country teams. Among our technology clients, we count Silicon Valley star-ups and blue chip tech companies, social media platforms and streaming video services, enterprise cloud vendors and complex advertising technology businesses. We also have a wide array of wider life sciences, energy, and financial services clients. Clients choose to work with us because we deliver commercial, pragmatic and innovative solutions through our exceptional legal expertise and experience, on time and on budget. Our lawyers are legally astute, but commercially realistic. Our network has more than 1000 people working across 20 offices providing highly commercial advice based on an in-depth understanding of our clients' needs. We operate across our offices in Amsterdam, Barcelona, Beijing, Belfast, Birmingham, Bologna, Brussels, Dublin, Düsseldorf, Frankfurt, Guangzhou, Hamburg, London, Luxembourg, Madrid, Manchester, Milan, Munich, Paris, Rome, Shanghai, Silicon Valley, Turin and Venice. Fieldfisher was ranked in The Times Best Law Firms 2021 for the third year in a row. The ranking, based on recommendations from peers, is an endorsement of the firm's client focus and legal expertise. Fieldfisher aims to ensure equality of opportunity and we are actively working towards improving the diversity of our staff. All applications will only be considered on merit and the applicant's suitability to meet the requirements of the role.
Dec 02, 2022
Full time
Term: Permanent Department: Privacy & Data Protection Location: London The Team Fieldfisher's Privacy, Security and Information team is one of the largest and most specialised European privacy and data protection teams, with a truly global outlook. We are a specialist, market-leading team with international coverage, including offices in Europe, China and the USA (Silicon Valley), and a unique expertise gained over years of advising on business-critical global privacy and data protection projects and technology work. We advise clients across the whole spectrum of data privacy and data security law: from large, multinational blue-chip clients through to disruptive start-ups designing for compliance on a limited budget. Our clients come from all possible industries and sectors: from digital media, technology and cloud businesses through to retail, financial services, professional services and healthcare. Through our Silicon Valley footprint, we also have a particularly strong relationship with leading brand US-led technology companies operating in Europe. Our Privacy, Security and Information team aligns itself across three broad privacy pillars: 1. Operational Compliance: We advise our clients on policies, procedures and practices to ensure their operational processes are compliant with data protection requirements. We also advise on the wide range of practical and strategic implications presented by operational compliance issues. 2. Commercial and Product: We work with some of the largest and most sophisticated companies in the world on commercial and product-related data protection work. We guide clients to achieve their commercial and product-oriented goals in a way that provides effective protection for individuals' data. 3. Cyber and crisis-management: Recent legislation has introduced new requirements for reporting cyber security incidents to both regulators and to affected individuals. At the same time, it has removed barriers for individuals making requests to access significant volumes of data. We help our clients prepare for these risks and mitigate for them as and when they arise. Responsibilities We are looking for an ambitious-senior level lawyer (Senior Associate to Director level) to join our team in London. Candidates must have experience of international data privacy and security matters. Experience advising clients on complex technology issues (e.g. augmented reality and virtual reality issues), cloud technologies and adtech issues is particularly welcomed. The selected candidate will report primarily to Phil Lee, a partner in the team. You will be working on a whole range of privacy, data protection and data security matters, including compliance with the EU and UK General Data Protection Regulation, international data transfers, data security breaches, direct marketing and ePrivacy as well as a whole range of global privacy and data protection matters, including, BCRs and Standard Contractual Clauses and tech and e-marketing issues. In particular, we are looking for a candidate who can play a leading role in supporting our team's large adtech and complex technology client base, and has the skills, experience and confidence to act with a high level of autonomy. The role will involve taking instructions and managing, coordinating, and advising on a diverse range of issues. These instructions will include advising on innovative legal issues, commercial contract drafting, DPA negotiations with customers and suppliers, direct marketing and cookie compliance advice, subject access request management, security incident response, product compliance reviews, acting on regulatory enquiries, and more. This support will predominantly be provided from Fieldfisher's London offices. Whilst there is a preference for full-time candidates, part-time candidates and flexible working will also be considered and we will consider talented non UK qualified lawyers with relevant experience. Key Skills & Experience The ideal candidate should meet the following criteria: A qualified lawyer with relevant post-qualification experience Proven experience in EU and UK privacy law and data protection matters. Strong interpersonal and client relationship skills An ability to work independently and manage large projects with minimal partner supervision. A team player who is able to delegate and effectively supervise the work of more junior lawyers, trainees and paralegals Technically competent but able to digest, apply and communicate the law in a commercial and pragmatic way that achieves our clients' objectives. Excellent academic history. Experience and a keen interest in marketing and business development. A confident and professional manner. Excellent oral and written communication skills The Firm Fieldfisher is a European law firm with market leading practices in many of the world's most dynamic sectors. We are an exciting, forward-thinking organisation with a particular focus on technology, finance & financial services, energy & natural resources, life sciences and media. Our growing European network of offices supports an international client base alongside our Silicon Valley and China colleagues. We also work in a number of other jurisdictions through dedicated country teams. Among our technology clients, we count Silicon Valley star-ups and blue chip tech companies, social media platforms and streaming video services, enterprise cloud vendors and complex advertising technology businesses. We also have a wide array of wider life sciences, energy, and financial services clients. Clients choose to work with us because we deliver commercial, pragmatic and innovative solutions through our exceptional legal expertise and experience, on time and on budget. Our lawyers are legally astute, but commercially realistic. Our network has more than 1000 people working across 20 offices providing highly commercial advice based on an in-depth understanding of our clients' needs. We operate across our offices in Amsterdam, Barcelona, Beijing, Belfast, Birmingham, Bologna, Brussels, Dublin, Düsseldorf, Frankfurt, Guangzhou, Hamburg, London, Luxembourg, Madrid, Manchester, Milan, Munich, Paris, Rome, Shanghai, Silicon Valley, Turin and Venice. Fieldfisher was ranked in The Times Best Law Firms 2021 for the third year in a row. The ranking, based on recommendations from peers, is an endorsement of the firm's client focus and legal expertise. Fieldfisher aims to ensure equality of opportunity and we are actively working towards improving the diversity of our staff. All applications will only be considered on merit and the applicant's suitability to meet the requirements of the role.
Introduction: Widely considered to be leading players in the Oracle HCM/ERP marketplace in the UK, including Manufacturing/SCM/Warehousing, we offer a warm, friendly atmosphere, interesting & challenging work with a professional & experienced Team, good career advancement opportunities and we are expanding, creating a myriad of new opportunities. With plenty of scope for up-skilling and gaining further accreditation, we are also considered good payers (see below for Package details and also how to make your application); we believe in fairly rewarding our staff for their hard work and loyalty. Lead Oracle Manufacturing & SCM Consultant (Home/Hybrid) Job Purpose: The Symatrix support team provides applications support to a broad range of external clients, covering the entire suite including Oracle Financials, Procurement, Projects and Supply Chain Management. Symatrix supports both Oracle eBusiness Suite and Oracle Cloud Applications The main purpose of this role is to provide professional, effective, and efficient support to Oracle Supply Chain Management (SCM) clients to ensure that the Symatrix team maintains a high level of service and meets each client's Service Level Agreements and expectations Main Duties and Responsibilities: Provide reactive support for Oracle SCM applications suite by telephone, online case portal and email. Functional problem investigation and resolution within defined SLAs. Performing root cause analysis and identify solutions that will prevent incidents from recurring. Management of change requests through the software development life cycle. Management of client Service Requests with Oracle, enhancing Oracle's ability to provide a fix with rapid response timescales, and intelligent problem investigation Management of testing and implementation life cycles, through to go live and client signoff. Prepare comprehensive documentation for changes (including defect fixes) - these include Functional Design Documents, Technical Design Documents, Configuration Documents, Test Scripts and Test Results. To remain abreast of the latest patches and product releases, to ensure that our clients are kept up to date with these patches and product releases, in order that they comply with latest legislation To be aware of latest functionality developments, identifying potential configuration opportunities that would benefit Symatrix' support customers To be responsible for identifying and undertaking training and personal development to meet business needs To be responsible for upskilling junior support analysts and help grow the knowledge base across the team To work as part of a wider team, supporting and training colleagues where necessary. To fulfil, on occasions, other reasonable duties which may be required to be undertaken in the consultancy arm of Symatrix, to meet business and customer needs Please Note: This is a Security Cleared Role (SC level of Clearance) and although you don't need to have active SC now, as a pre-requisite when making an application, you will need to be eligible to gain SC level of Clearance Your Knowledge: Strong implementation or support experience in Oracle Supply Chain Management. Experience is at least 4 of the following areas/modules is essential. Inventory Bill of Materials Work in Process MRP Project Manufacturing Warehouse Management Service, Order Management Quality Good knowledge of Oracle SQL and PLSQL, Workflow, Approvals Management (AME), Integrations and Customisations (forms development, forms, and OAF personalisations) Strong understanding of service management processes such as Incident Management, Problem Management and Change Management. Commitment to delivering the highest standards of customer care Proven ability to build and manage client customer relationships. Ability to communicate clearly and concisely at all levels of the business. Ability to prioritise and work on incidents in parallel to team lead responsibilities. Benefits Package: Competitive Salary, Company Pension, 25 days holiday, option to buy an additional 5 holiday days, your own birthday as an additional holiday after two years' service, flexible working, eye tests, private health care (with the leading health care provider), DIS benefit, cycle to work scheme, childcare vouchers, share option scheme, excellent training and learning opportunities. What to do next (how to apply): If you are a strong Oracle SCM/Manufacturing Consultant at a Lead level, or are looking to move into a Lead role and you are searching for a new opportunity, then you have come to the right place and at definitely the right time; please send your application to our Talent Acquisition Specialist (See below for details). Remember; all applications are treated in the strictest confidence, so there is no downside to you sending-in a CV. Why Symatrix? We were founded in 2000 with the specific focus of providing services and expertise to organisations looking to implement and leverage Oracle HCM. We have come a long way since then. Today we believe that all customers should be able to make their business applications work harder for them and provide the returns and the benefits they expected. Everything we do supports this belief. We provide Consulting as well as end-to-end managed services for HCM and ERP on premise or in the Cloud - from Applications Support and Testing as a Service through to Managed Payroll and Process Improvement services, not to mention our award-winning Oracle Practice! In fact, because we truly listen, our services have all developed from customer demand. After the introduction of Cloud, we added Environment Management and Testing as a Service to our kit bag to complement our application support and change services. Our Consulting services have evolved to support Cloud and we have retained our award-winning on-premise expertise. We also created an exciting suite of services to help our customers manage and improve their processes, which really help to move our customers from adopting Cloud to embracing Cloud . All of this we deliver on Oracle's ERP Cloud, HCM Cloud, E-business Suite and Peoplesoft applications. We are delighted to be able to say that we're an ISO27001, BACS and Cyber Essentials accredited business but there are many reasons that we're proud of what we've achieved over the years.
Sep 20, 2022
Full time
Introduction: Widely considered to be leading players in the Oracle HCM/ERP marketplace in the UK, including Manufacturing/SCM/Warehousing, we offer a warm, friendly atmosphere, interesting & challenging work with a professional & experienced Team, good career advancement opportunities and we are expanding, creating a myriad of new opportunities. With plenty of scope for up-skilling and gaining further accreditation, we are also considered good payers (see below for Package details and also how to make your application); we believe in fairly rewarding our staff for their hard work and loyalty. Lead Oracle Manufacturing & SCM Consultant (Home/Hybrid) Job Purpose: The Symatrix support team provides applications support to a broad range of external clients, covering the entire suite including Oracle Financials, Procurement, Projects and Supply Chain Management. Symatrix supports both Oracle eBusiness Suite and Oracle Cloud Applications The main purpose of this role is to provide professional, effective, and efficient support to Oracle Supply Chain Management (SCM) clients to ensure that the Symatrix team maintains a high level of service and meets each client's Service Level Agreements and expectations Main Duties and Responsibilities: Provide reactive support for Oracle SCM applications suite by telephone, online case portal and email. Functional problem investigation and resolution within defined SLAs. Performing root cause analysis and identify solutions that will prevent incidents from recurring. Management of change requests through the software development life cycle. Management of client Service Requests with Oracle, enhancing Oracle's ability to provide a fix with rapid response timescales, and intelligent problem investigation Management of testing and implementation life cycles, through to go live and client signoff. Prepare comprehensive documentation for changes (including defect fixes) - these include Functional Design Documents, Technical Design Documents, Configuration Documents, Test Scripts and Test Results. To remain abreast of the latest patches and product releases, to ensure that our clients are kept up to date with these patches and product releases, in order that they comply with latest legislation To be aware of latest functionality developments, identifying potential configuration opportunities that would benefit Symatrix' support customers To be responsible for identifying and undertaking training and personal development to meet business needs To be responsible for upskilling junior support analysts and help grow the knowledge base across the team To work as part of a wider team, supporting and training colleagues where necessary. To fulfil, on occasions, other reasonable duties which may be required to be undertaken in the consultancy arm of Symatrix, to meet business and customer needs Please Note: This is a Security Cleared Role (SC level of Clearance) and although you don't need to have active SC now, as a pre-requisite when making an application, you will need to be eligible to gain SC level of Clearance Your Knowledge: Strong implementation or support experience in Oracle Supply Chain Management. Experience is at least 4 of the following areas/modules is essential. Inventory Bill of Materials Work in Process MRP Project Manufacturing Warehouse Management Service, Order Management Quality Good knowledge of Oracle SQL and PLSQL, Workflow, Approvals Management (AME), Integrations and Customisations (forms development, forms, and OAF personalisations) Strong understanding of service management processes such as Incident Management, Problem Management and Change Management. Commitment to delivering the highest standards of customer care Proven ability to build and manage client customer relationships. Ability to communicate clearly and concisely at all levels of the business. Ability to prioritise and work on incidents in parallel to team lead responsibilities. Benefits Package: Competitive Salary, Company Pension, 25 days holiday, option to buy an additional 5 holiday days, your own birthday as an additional holiday after two years' service, flexible working, eye tests, private health care (with the leading health care provider), DIS benefit, cycle to work scheme, childcare vouchers, share option scheme, excellent training and learning opportunities. What to do next (how to apply): If you are a strong Oracle SCM/Manufacturing Consultant at a Lead level, or are looking to move into a Lead role and you are searching for a new opportunity, then you have come to the right place and at definitely the right time; please send your application to our Talent Acquisition Specialist (See below for details). Remember; all applications are treated in the strictest confidence, so there is no downside to you sending-in a CV. Why Symatrix? We were founded in 2000 with the specific focus of providing services and expertise to organisations looking to implement and leverage Oracle HCM. We have come a long way since then. Today we believe that all customers should be able to make their business applications work harder for them and provide the returns and the benefits they expected. Everything we do supports this belief. We provide Consulting as well as end-to-end managed services for HCM and ERP on premise or in the Cloud - from Applications Support and Testing as a Service through to Managed Payroll and Process Improvement services, not to mention our award-winning Oracle Practice! In fact, because we truly listen, our services have all developed from customer demand. After the introduction of Cloud, we added Environment Management and Testing as a Service to our kit bag to complement our application support and change services. Our Consulting services have evolved to support Cloud and we have retained our award-winning on-premise expertise. We also created an exciting suite of services to help our customers manage and improve their processes, which really help to move our customers from adopting Cloud to embracing Cloud . All of this we deliver on Oracle's ERP Cloud, HCM Cloud, E-business Suite and Peoplesoft applications. We are delighted to be able to say that we're an ISO27001, BACS and Cyber Essentials accredited business but there are many reasons that we're proud of what we've achieved over the years.
Contents Location About the job Benefits Things you need to know Apply and further information Location Belfast, Cardiff, Darlington, Edinburgh, London About the job Summary Join a team at the heart of the global economy! We create digital services, data tools and technology for businesses to prosper around the world. Have a look at our video ! Our Digital, Data and Technology team develops and operates tools, services, and platforms that enable the UK government to provide world leading support to businesses in the UK and overseas. Youll get to constantly push boundaries in an environment free of heavy legacy, driven by curiosity, social purpose, diversity of thought, entrepreneurship, and the aspiration to offer an incredible experience to all our users. Find out more on our blog, Digital Trade. Job description This role sits within the DIT Security Operations Centre (SOC), which is responsible for the identification and handling of security threats. You will be responsible for the monitoring aspects of the SOCs Target Operating Model (TOM) at a high level, acting as the final point of escalation for the resolution of incidents identified by SOC analysts. A key part of the role will be the identification and implementation of lessons learned from cyber security incidents as part of a continuous improvement cycle. Improvements to DITs capability to detect and response will be a priority. In the role you will be managing and mentoring junior SOC staff, and so this role is suitable for someone looking for a position of responsibility. Responsibilities Responsibilities In your day-to-day role, you will: Lead the implementation of the DIT monitoring policyand management of the SOC TOM, providing expert advice to junior SOC staff. Review existing and new data sources being ingested into the SIEM and propose and implement use cases for detection and analysis. Produce thorough documentation on complex incidents focussing on the improvements that can be made to processes, playbooks, and tooling. Manage incident response exercises and scoping, design and governance of red-teaming and threat-hunting activity in collaboration with the Threat Hunterand in line with DITs policies. Communicate the significance of the results of investigations and risk mitigation outcomes and engage with a broad range of senior stakeholders. Be responsible for defining the vision, principles, and strategy for incident response. Essential Skills and Experience You should be able to demonstrate essential skills and experience of: Significant experience of working at tier 2 or tier 3 in a SOC with management/mentoring responsibilities . Demonstrable experience with KQL or similar query language . Solid knowledge of various information security frameworks, for example MITRE. Demonstrable experience in cyber security incident management . Effective verbal and written communication skills. Demonstrable knowledge and experience of intrusion detection and analysis skills . Desirable Skills and Experience While not essential, it would be ideal if you have demonstrable skills and experience of: SIEM and Security Software, especially Microsoft Professional information security certification CISSP or similar. Experience of working in a multi-cloud environment. Knowledge or experience of forensics. Benefits Learning and development tailored to your role An environment with flexible working options A culture encouraging inclusion and diversity A Civil Service pension with an average employer contribution of 27% Things you need to know Security Successful candidates must pass a disclosure and barring security check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check . See our vetting charter . People working with government assets must complete basic personnel security standard checks. Selection process details We are closely monitoring the situation regarding the coronavirus, and will be following central Government advice as it is issued. There is therefore a risk that recruitment to this post may be subject to change at short notice. In addition, where appropriate, you may be invited to attend a video interview. Please continue to follow the application process as normal and ensure that you check your emails regularly as all updates from us will be sent to you this way. Assessment and Interview As part of the application process you will be asked to upload a CV which outlines your experience, skills and fit for the role. At the sift stage for this role, Inspire People will assess you against the essential criteria listed above to compile a long list of applications. If you are progressed through to this stage, you will be asked to complete a short, pre-recorded video interview with Inspire People or provide written answers to questions. These applications will then be sifted by DIT hiring managers. Initial sifting will take place the week commencing 26th September, with CV submissions to DIT on the 30th September. Interviews will take place the week commencing 10th October. Please note that these dates are indicative and may be subject to change. At the interview stage for this role, we will assess your technical/specialist experience, outlined in the above role description, testing your ability through relevant assessments/presentations and ask you questions around Behaviours and Technical skills, which are part of the Civil Service Success Profiles . The technical element within the interview, where you will be asked a series of questions to demonstrate your specific professional skills and knowledge related directly to the job role and context, will assess against these Technical Skills: Intrusion detection and analysis Threat intelligence and assessment Incident management, investigation, and response Information risk assessment and risk management Applied security capability Query language expertise You will also be assessed against the Behaviours of: Developing Self and Others Changing and Improving Delivering at Pace Offer Stage Appointments may be made to candidates in merit order based on location preferences. The salary we will offer is determined using interview performance. Scores at interview translate to proficiency levels and an associated salary. Once a successful candidate has a proficiency level and is part of the capability framework, they will be given opportunities to self-assess to progress through the pay scale within their grade during their time at DIT. For further explanation of proficiency levels and more information about DDaT click here. The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. Candidates who pass the bar at interview but are not the highest scoring will be held on a 12-month reserve list for future appointments. Candidates who are judged to be a near miss at interview may be offered a post at the grade below the one advertised. If successful and transferring from another Government Department a criminal record check may be carried out. The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. Harmonised terms and conditions are attached. Please take time to read the document to determine how these may affect you. Please note the successful candidate will be expected to remain in post for a minimum of 18 months before being released for another role. Any move to the Department for International Trade from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at New entrants are expected to join on the minimum of the pay band. Reasonable adjustment If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes. If you need a change to be made so that you can make your application, you should contact the DDaT Recruitment team before the closing date to discuss your needs. Our recruitment process is underpinned by the principle of appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commissioners Recruitment Principles. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DIT by email: ..... click apply for full job details
Sep 09, 2022
Full time
Contents Location About the job Benefits Things you need to know Apply and further information Location Belfast, Cardiff, Darlington, Edinburgh, London About the job Summary Join a team at the heart of the global economy! We create digital services, data tools and technology for businesses to prosper around the world. Have a look at our video ! Our Digital, Data and Technology team develops and operates tools, services, and platforms that enable the UK government to provide world leading support to businesses in the UK and overseas. Youll get to constantly push boundaries in an environment free of heavy legacy, driven by curiosity, social purpose, diversity of thought, entrepreneurship, and the aspiration to offer an incredible experience to all our users. Find out more on our blog, Digital Trade. Job description This role sits within the DIT Security Operations Centre (SOC), which is responsible for the identification and handling of security threats. You will be responsible for the monitoring aspects of the SOCs Target Operating Model (TOM) at a high level, acting as the final point of escalation for the resolution of incidents identified by SOC analysts. A key part of the role will be the identification and implementation of lessons learned from cyber security incidents as part of a continuous improvement cycle. Improvements to DITs capability to detect and response will be a priority. In the role you will be managing and mentoring junior SOC staff, and so this role is suitable for someone looking for a position of responsibility. Responsibilities Responsibilities In your day-to-day role, you will: Lead the implementation of the DIT monitoring policyand management of the SOC TOM, providing expert advice to junior SOC staff. Review existing and new data sources being ingested into the SIEM and propose and implement use cases for detection and analysis. Produce thorough documentation on complex incidents focussing on the improvements that can be made to processes, playbooks, and tooling. Manage incident response exercises and scoping, design and governance of red-teaming and threat-hunting activity in collaboration with the Threat Hunterand in line with DITs policies. Communicate the significance of the results of investigations and risk mitigation outcomes and engage with a broad range of senior stakeholders. Be responsible for defining the vision, principles, and strategy for incident response. Essential Skills and Experience You should be able to demonstrate essential skills and experience of: Significant experience of working at tier 2 or tier 3 in a SOC with management/mentoring responsibilities . Demonstrable experience with KQL or similar query language . Solid knowledge of various information security frameworks, for example MITRE. Demonstrable experience in cyber security incident management . Effective verbal and written communication skills. Demonstrable knowledge and experience of intrusion detection and analysis skills . Desirable Skills and Experience While not essential, it would be ideal if you have demonstrable skills and experience of: SIEM and Security Software, especially Microsoft Professional information security certification CISSP or similar. Experience of working in a multi-cloud environment. Knowledge or experience of forensics. Benefits Learning and development tailored to your role An environment with flexible working options A culture encouraging inclusion and diversity A Civil Service pension with an average employer contribution of 27% Things you need to know Security Successful candidates must pass a disclosure and barring security check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check . See our vetting charter . People working with government assets must complete basic personnel security standard checks. Selection process details We are closely monitoring the situation regarding the coronavirus, and will be following central Government advice as it is issued. There is therefore a risk that recruitment to this post may be subject to change at short notice. In addition, where appropriate, you may be invited to attend a video interview. Please continue to follow the application process as normal and ensure that you check your emails regularly as all updates from us will be sent to you this way. Assessment and Interview As part of the application process you will be asked to upload a CV which outlines your experience, skills and fit for the role. At the sift stage for this role, Inspire People will assess you against the essential criteria listed above to compile a long list of applications. If you are progressed through to this stage, you will be asked to complete a short, pre-recorded video interview with Inspire People or provide written answers to questions. These applications will then be sifted by DIT hiring managers. Initial sifting will take place the week commencing 26th September, with CV submissions to DIT on the 30th September. Interviews will take place the week commencing 10th October. Please note that these dates are indicative and may be subject to change. At the interview stage for this role, we will assess your technical/specialist experience, outlined in the above role description, testing your ability through relevant assessments/presentations and ask you questions around Behaviours and Technical skills, which are part of the Civil Service Success Profiles . The technical element within the interview, where you will be asked a series of questions to demonstrate your specific professional skills and knowledge related directly to the job role and context, will assess against these Technical Skills: Intrusion detection and analysis Threat intelligence and assessment Incident management, investigation, and response Information risk assessment and risk management Applied security capability Query language expertise You will also be assessed against the Behaviours of: Developing Self and Others Changing and Improving Delivering at Pace Offer Stage Appointments may be made to candidates in merit order based on location preferences. The salary we will offer is determined using interview performance. Scores at interview translate to proficiency levels and an associated salary. Once a successful candidate has a proficiency level and is part of the capability framework, they will be given opportunities to self-assess to progress through the pay scale within their grade during their time at DIT. For further explanation of proficiency levels and more information about DDaT click here. The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. Candidates who pass the bar at interview but are not the highest scoring will be held on a 12-month reserve list for future appointments. Candidates who are judged to be a near miss at interview may be offered a post at the grade below the one advertised. If successful and transferring from another Government Department a criminal record check may be carried out. The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. Harmonised terms and conditions are attached. Please take time to read the document to determine how these may affect you. Please note the successful candidate will be expected to remain in post for a minimum of 18 months before being released for another role. Any move to the Department for International Trade from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at New entrants are expected to join on the minimum of the pay band. Reasonable adjustment If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes. If you need a change to be made so that you can make your application, you should contact the DDaT Recruitment team before the closing date to discuss your needs. Our recruitment process is underpinned by the principle of appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commissioners Recruitment Principles. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DIT by email: ..... click apply for full job details
Cyber security is one of the defining topics of our age, and cyber risk represents one of the most significant strategic risks to PwC's clients. In a recent PwC survey it remains the top risk in the minds of CEO's globally, with 91% of UK CEOs rating it as a significant concern. Businesses are changing rapidly, facing disrupted supply chains, rapidly changing workforces and accelerating digital transformation on an unprecedented scale. At PwC we help our clients transform, and our cyber security practice enables them to execute that transformation securely and to become more resilient to cyber security threats. Our cyber security practice operates nationally, and serves clients holistically with strategy, risk and governance advice, and with deep technical implementation and assurance expertise. As one of the largest cyber security specialist consulting practices in the UK, we have over 250 practitioners who range from business risk advisors who work with CEOs, CFOs and boards, to transformation specialists who execute major change programmes, to deep technical SMEs who help clients implement controls to secure their businesses from attack, and support them to respond when an attack occurs. Our practice is experiencing significant growth which is driven by demand from our clients for greater assistance in dealing with increasingly complex cyber security risks, and support in executing their change and growth agendas securely. We believe helping our clients gain confidence in their digital future is essential to their growth, and as a result our cyber security practice is one of the key growth priorities of our firm. The Role We are seeking a number of experienced consulting Senior Managers to join our "Government and Public Sector" advisory team within our Cyber security practice, to respond to strong demand-led growth. The cyber security advisory team helps clients to understand their cyber risks and define and execute a strategy which enables the business to deliver its objectives within their desired risk envelope. We support client leadership teams to define their risk appetite and a proportionate target state of cyber capability and maturity to deliver it; we define operating and governance models to make cyber security a sustainable capability which responds to evolving business priorities; we deliver complex multi-year transformation programmes both uplifting clients' cyber security capability, and baking cyber security in to other transformation agendas. The "public sector" vertical in this team works with clients across industries, including: Government and Public Services Central Government Local Government Defence & Security Healthcare Public Sector Transport You may have worked within a government or public sector organisation or across multiple private sector industries, or have developed a deep specialism in a particular sector. Whichever of these describes you, you will be developing a strong track record of credibility as a trusted advisor to senior business stakeholders on cyber security. You will also have strong relationship building skills and you will be starting to demonstrate a track record of identifying opportunities to serve clients, develop new business and you'll be keen to support our practice senior leaders to respond to client needs and win new work. ResponsibilitiesClient service Managing and delivering cyber security and cyber risk assignments, including producing documentation and reports, and quality assuring the work produced by junior team members. Working as a subject matter expert in your particular field to support a team, and/or managing a larger team in delivering engagements at scale. Maintaining awareness of key business and industry trends, and understanding how they impact responses to cyber risk. Providing our clients with trusted advice, rooted in a pragmatic understanding of their business situation and objectives, to help them navigate complex, risk-driven Cyber decisions. Business and practice development Building client relationships and establishing credibility by demonstrating knowledge of various aspects of cyber security, and identify opportunities where PwC can assist. Identifying client issues and qualifying opportunities for PwC to respond to those challenges, and working with senior members of the team in developing client proposals and solution offerings. Driving the development of toolkits, methodologies and accelerators. Helping recruit, retain and develop other cyber security team members. Skills & Experience Excellent communication skills - both oral (for interviews/meetings, presentations) and written (for designing and writing engaging reports which communicate recommendations and actions succinctly and clearly convey the message in a way which is appropriate for the audience, and rooted in the client's needs). A keen eye for detail and strong focus on encouraging quality work by all team members, and a constructive approach to developing and mentoring colleagues with those goals in mind. Experience of business development or sales, including leading bid teams, and experience of writing winning proposals and RFP responses. Experience helping clients effect substantial and complex business change, and experience of assuring or enabling change at scale is essential. Experience providing expert strategy, risk and technical advice, guidance and support on cyber security, both in business-as-usual and for live and planned projects within our clients' business. Broad range of cyber and information security skills, knowledge and experience, perhaps underpinned by a deeper SME in one of our key advisory practice areas (see ) or in one or more of the industries mentioned above. We welcome applications from candidates who have spent time working "in-house" in a relevant organisation, but it is likely that you will have gained at least some of your experience working in a business-oriented consulting environment where you have supported or provided advice to clients' senior business leaders, and relationship-based business development experience is essential. Industry and Location The "public sector" vertical in this team works with clients across industries, including: Government and Public Services Central Government Local Government Healthcare Public Sector Transport We welcome applications from candidates with experience in any combination of these industries, or specialists who have deep expertise and credibility in the cyber security agenda of one of them. We have major cyber practice hubs in six major cities across the UK, and these roles are likely to be based in: London (Charing Cross) Reading Birmingham Manchester or Edinburgh Depending on your experience and skillset and any industry vertical focus you may bring, we will however consider a base location at any of PwC's UK offices. We are a national practice which serves clients across the UK and EMEA, and willingness to travel to support client needs is essential; however we actively support and promote flexible and hybrid working consistent with business and client needs. What you will get Our purpose as a cyber security practice is to help solve complex problems and build a secure digital society. Within our practice, you will have the opportunity to broaden experience across industries, manage teams in delivering engagements at scale, build relationships with clients and senior groups, and be involved in big business changes. You'll contribute to delivering cyber security to some of the world's most iconic companies and brands, and to helping them to build their cyber defences, assure those defences and respond to incidents. Working in cyber security at PwC will give you unparalleled breadth of experience, and insight into how a wide range of client businesses work. You'll work in a team where we mix a supportive and collaborative culture with a challenging and high performance one. You'll be rewarded for your contribution and impact in building our business and delivering on our purpose. You'll be supported to develop your career by an experienced and close-knit team of Partners and Directors who will invest in your career and experience and provide you with mentoring and coaching to transition to PwC and grow your career in our firm. . Risk We're a leading provider of trust in the digital world - in the eyes of our people, our clients and our stakeholders. Today's business environment is different. More complex. More connected. Companies not only face new and unknown risks, but also new and untapped opportunities. Our team is at the forefront of this change, join us to be a part of transforming how risk is perceived and capitalised on. Not the role for you? Did you know PwC offer flexible contract arrangements as well as contingent work (ie temporary or day rate contracting)? The skills we look for in future employees All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, 'The PwC Professional' and are made up of five core attributes; whole leadership, technical capabilities..... click apply for full job details
Dec 08, 2021
Full time
Cyber security is one of the defining topics of our age, and cyber risk represents one of the most significant strategic risks to PwC's clients. In a recent PwC survey it remains the top risk in the minds of CEO's globally, with 91% of UK CEOs rating it as a significant concern. Businesses are changing rapidly, facing disrupted supply chains, rapidly changing workforces and accelerating digital transformation on an unprecedented scale. At PwC we help our clients transform, and our cyber security practice enables them to execute that transformation securely and to become more resilient to cyber security threats. Our cyber security practice operates nationally, and serves clients holistically with strategy, risk and governance advice, and with deep technical implementation and assurance expertise. As one of the largest cyber security specialist consulting practices in the UK, we have over 250 practitioners who range from business risk advisors who work with CEOs, CFOs and boards, to transformation specialists who execute major change programmes, to deep technical SMEs who help clients implement controls to secure their businesses from attack, and support them to respond when an attack occurs. Our practice is experiencing significant growth which is driven by demand from our clients for greater assistance in dealing with increasingly complex cyber security risks, and support in executing their change and growth agendas securely. We believe helping our clients gain confidence in their digital future is essential to their growth, and as a result our cyber security practice is one of the key growth priorities of our firm. The Role We are seeking a number of experienced consulting Senior Managers to join our "Government and Public Sector" advisory team within our Cyber security practice, to respond to strong demand-led growth. The cyber security advisory team helps clients to understand their cyber risks and define and execute a strategy which enables the business to deliver its objectives within their desired risk envelope. We support client leadership teams to define their risk appetite and a proportionate target state of cyber capability and maturity to deliver it; we define operating and governance models to make cyber security a sustainable capability which responds to evolving business priorities; we deliver complex multi-year transformation programmes both uplifting clients' cyber security capability, and baking cyber security in to other transformation agendas. The "public sector" vertical in this team works with clients across industries, including: Government and Public Services Central Government Local Government Defence & Security Healthcare Public Sector Transport You may have worked within a government or public sector organisation or across multiple private sector industries, or have developed a deep specialism in a particular sector. Whichever of these describes you, you will be developing a strong track record of credibility as a trusted advisor to senior business stakeholders on cyber security. You will also have strong relationship building skills and you will be starting to demonstrate a track record of identifying opportunities to serve clients, develop new business and you'll be keen to support our practice senior leaders to respond to client needs and win new work. ResponsibilitiesClient service Managing and delivering cyber security and cyber risk assignments, including producing documentation and reports, and quality assuring the work produced by junior team members. Working as a subject matter expert in your particular field to support a team, and/or managing a larger team in delivering engagements at scale. Maintaining awareness of key business and industry trends, and understanding how they impact responses to cyber risk. Providing our clients with trusted advice, rooted in a pragmatic understanding of their business situation and objectives, to help them navigate complex, risk-driven Cyber decisions. Business and practice development Building client relationships and establishing credibility by demonstrating knowledge of various aspects of cyber security, and identify opportunities where PwC can assist. Identifying client issues and qualifying opportunities for PwC to respond to those challenges, and working with senior members of the team in developing client proposals and solution offerings. Driving the development of toolkits, methodologies and accelerators. Helping recruit, retain and develop other cyber security team members. Skills & Experience Excellent communication skills - both oral (for interviews/meetings, presentations) and written (for designing and writing engaging reports which communicate recommendations and actions succinctly and clearly convey the message in a way which is appropriate for the audience, and rooted in the client's needs). A keen eye for detail and strong focus on encouraging quality work by all team members, and a constructive approach to developing and mentoring colleagues with those goals in mind. Experience of business development or sales, including leading bid teams, and experience of writing winning proposals and RFP responses. Experience helping clients effect substantial and complex business change, and experience of assuring or enabling change at scale is essential. Experience providing expert strategy, risk and technical advice, guidance and support on cyber security, both in business-as-usual and for live and planned projects within our clients' business. Broad range of cyber and information security skills, knowledge and experience, perhaps underpinned by a deeper SME in one of our key advisory practice areas (see ) or in one or more of the industries mentioned above. We welcome applications from candidates who have spent time working "in-house" in a relevant organisation, but it is likely that you will have gained at least some of your experience working in a business-oriented consulting environment where you have supported or provided advice to clients' senior business leaders, and relationship-based business development experience is essential. Industry and Location The "public sector" vertical in this team works with clients across industries, including: Government and Public Services Central Government Local Government Healthcare Public Sector Transport We welcome applications from candidates with experience in any combination of these industries, or specialists who have deep expertise and credibility in the cyber security agenda of one of them. We have major cyber practice hubs in six major cities across the UK, and these roles are likely to be based in: London (Charing Cross) Reading Birmingham Manchester or Edinburgh Depending on your experience and skillset and any industry vertical focus you may bring, we will however consider a base location at any of PwC's UK offices. We are a national practice which serves clients across the UK and EMEA, and willingness to travel to support client needs is essential; however we actively support and promote flexible and hybrid working consistent with business and client needs. What you will get Our purpose as a cyber security practice is to help solve complex problems and build a secure digital society. Within our practice, you will have the opportunity to broaden experience across industries, manage teams in delivering engagements at scale, build relationships with clients and senior groups, and be involved in big business changes. You'll contribute to delivering cyber security to some of the world's most iconic companies and brands, and to helping them to build their cyber defences, assure those defences and respond to incidents. Working in cyber security at PwC will give you unparalleled breadth of experience, and insight into how a wide range of client businesses work. You'll work in a team where we mix a supportive and collaborative culture with a challenging and high performance one. You'll be rewarded for your contribution and impact in building our business and delivering on our purpose. You'll be supported to develop your career by an experienced and close-knit team of Partners and Directors who will invest in your career and experience and provide you with mentoring and coaching to transition to PwC and grow your career in our firm. . Risk We're a leading provider of trust in the digital world - in the eyes of our people, our clients and our stakeholders. Today's business environment is different. More complex. More connected. Companies not only face new and unknown risks, but also new and untapped opportunities. Our team is at the forefront of this change, join us to be a part of transforming how risk is perceived and capitalised on. Not the role for you? Did you know PwC offer flexible contract arrangements as well as contingent work (ie temporary or day rate contracting)? The skills we look for in future employees All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, 'The PwC Professional' and are made up of five core attributes; whole leadership, technical capabilities..... click apply for full job details
Randstad Technologies are delighted to be partnered with a leading Financial Services entity in South Wales on their search for a Cyber Security Manager. You'll be the most senior member of the Security team on site and will have full responsibility for the security strategy, as well as complete ownership of risk management processes and policies. Currently looking for someone to be on site at least 2 days a week, but could be flexible to less (or even full remote) for an outstanding candidate. Key Responsibilities: Ownership of security & risk management strategy. Compliance management. Managing security hygiene. Incident Response. Providing leadership to the security team and wider technology team as a whole. Reporting to the board. What's in it for you? Competitive salary. 10% bonus. Flexible working hours. Remote work. 33 days holiday + ability to buy more. Free on site parking. Opportunity to travel to European offices. I am unable to sponsor for this role so non EU applicants who require sponsorship will not be assessed. Randstad Technologies Ltd is a leading specialist recruitment business for the IT industry. Please note that due to a high level of applications, we can only respond to applicants whose skills & qualifications are suitable for this position. No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary/contract vacancies we are acting as an Employment Business.
Dec 07, 2021
Full time
Randstad Technologies are delighted to be partnered with a leading Financial Services entity in South Wales on their search for a Cyber Security Manager. You'll be the most senior member of the Security team on site and will have full responsibility for the security strategy, as well as complete ownership of risk management processes and policies. Currently looking for someone to be on site at least 2 days a week, but could be flexible to less (or even full remote) for an outstanding candidate. Key Responsibilities: Ownership of security & risk management strategy. Compliance management. Managing security hygiene. Incident Response. Providing leadership to the security team and wider technology team as a whole. Reporting to the board. What's in it for you? Competitive salary. 10% bonus. Flexible working hours. Remote work. 33 days holiday + ability to buy more. Free on site parking. Opportunity to travel to European offices. I am unable to sponsor for this role so non EU applicants who require sponsorship will not be assessed. Randstad Technologies Ltd is a leading specialist recruitment business for the IT industry. Please note that due to a high level of applications, we can only respond to applicants whose skills & qualifications are suitable for this position. No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary/contract vacancies we are acting as an Employment Business.
Information Security Analyst 6 Month contract role Remote Pay: up to 600 a day Inside IR35 Key Skills: Vendor assessment Main duties/responsibilities: Perform comprehensive third-party supplier information security due diligence assessments in a timely manner, report on results and recommend remediation actions Perform information security risk assessment and management activities Support corporate compliance with the General Data Protection Regulation (GDPR) from an Information Security Perspective. Support the audit and gap analysis of existing IT and business policies, processes and procedures for compliance with GDPR requirements and IT/Information Security Control framework Support the creation, implementation and maintenance of IT/Information Security standards, policies, processes and procedures in accordance with the IT/Information Security Control framework Develop and execute Information Security remediation plans in conjunction with relevant internal and external stakeholders/groups to agreed timescales. Monitoring, analysing and reporting on information security-based management metrics. Support information security audit processes. Maintain awareness of new and changed security threats through review of specialist sites such as NCSC, CERT, etc Managing the Information Security Awareness Training Program to ensure all employees develop and maintain an awareness about and comply will all applicable Information Security policies, procedures, laws and regulations. Key member of EIT Incident & GDPR Breach response teams. Provide Information Security advice and guidance for EMEA business activities and projects Collaborate with Global and Regional Compliance and Information Security team on Information Security and Data Privacy initiatives and events as required. Any other IT/Information Security tasks as requested by Manager or Director. Experience required: Demonstrated experience in an IT Security / Governance, Risk and Compliance based role. Demonstrated experience of information security management Experience of working to, implementing and maintaining compliance with ISO/IEC-27001 and other relevant frameworks (e.g. Cyber essentials, NIST). Knowledge & experience of developing and conducting risk assessments/business impact assessments. Knowledge & experience of developing and performing information security due diligence assessments of third-party organisations based on IT control frameworks such as ISO 27001. Practical experience of developing and executing remediation plans to address vulnerabilities/security risks and to achieve compliance with Information Security standards/IT control frameworks such as ISO 27001. Experience of audit work to achieve compliance with Information Security standards. Experience in implementing and managing effective ISMS controls such as incident response and business continuity Experience of working with external service providers within an Information Security role. Good knowledge of a broad range of IT technology platforms, products, services. Stakeholder management experience at both a technical and non-technical level Business/customer facing experience. Proven track record of working both in a team and independently. If you are interested please apply or send your CV to
Dec 02, 2021
Contractor
Information Security Analyst 6 Month contract role Remote Pay: up to 600 a day Inside IR35 Key Skills: Vendor assessment Main duties/responsibilities: Perform comprehensive third-party supplier information security due diligence assessments in a timely manner, report on results and recommend remediation actions Perform information security risk assessment and management activities Support corporate compliance with the General Data Protection Regulation (GDPR) from an Information Security Perspective. Support the audit and gap analysis of existing IT and business policies, processes and procedures for compliance with GDPR requirements and IT/Information Security Control framework Support the creation, implementation and maintenance of IT/Information Security standards, policies, processes and procedures in accordance with the IT/Information Security Control framework Develop and execute Information Security remediation plans in conjunction with relevant internal and external stakeholders/groups to agreed timescales. Monitoring, analysing and reporting on information security-based management metrics. Support information security audit processes. Maintain awareness of new and changed security threats through review of specialist sites such as NCSC, CERT, etc Managing the Information Security Awareness Training Program to ensure all employees develop and maintain an awareness about and comply will all applicable Information Security policies, procedures, laws and regulations. Key member of EIT Incident & GDPR Breach response teams. Provide Information Security advice and guidance for EMEA business activities and projects Collaborate with Global and Regional Compliance and Information Security team on Information Security and Data Privacy initiatives and events as required. Any other IT/Information Security tasks as requested by Manager or Director. Experience required: Demonstrated experience in an IT Security / Governance, Risk and Compliance based role. Demonstrated experience of information security management Experience of working to, implementing and maintaining compliance with ISO/IEC-27001 and other relevant frameworks (e.g. Cyber essentials, NIST). Knowledge & experience of developing and conducting risk assessments/business impact assessments. Knowledge & experience of developing and performing information security due diligence assessments of third-party organisations based on IT control frameworks such as ISO 27001. Practical experience of developing and executing remediation plans to address vulnerabilities/security risks and to achieve compliance with Information Security standards/IT control frameworks such as ISO 27001. Experience of audit work to achieve compliance with Information Security standards. Experience in implementing and managing effective ISMS controls such as incident response and business continuity Experience of working with external service providers within an Information Security role. Good knowledge of a broad range of IT technology platforms, products, services. Stakeholder management experience at both a technical and non-technical level Business/customer facing experience. Proven track record of working both in a team and independently. If you are interested please apply or send your CV to
We are currently recruiting Examiners for the BTEC Nationals (Level 3) qualification. This is a part time role which will be completed at home, and in your own time. Purpose A BTEC Nationals Examiner marks candidates' responses in accordance with the pre-defined mark scheme, whilst adhering to the Code of Practice and examination procedures. Most subjects will be marked onscreen using ePEN, which can be done from home. A few subjects are still marked in the traditional method, using paper scripts sent through the post. A high level of subject knowledge is necessary in order to apply the mark scheme. Each examiner will receive an agreed allocation of scripts. Responsibilities To mark accurately and consistently to ensure overall standards are maintained. To submit samples to your Team Leader at designated times. To ensure milestones for marking are adhered to. To ensure all administration is completed as specified. Requirements To be considered for this role applicants must have: A degree or equivalent. Experience of delivering BTEC in a relevant sector at this level, or a teaching qualification and GCE, iAL or Applied GCE teaching experience in the relevant subject. Teaching / BTEC delivery experience must be for a minimum of 1 full year. Teaching / BTEC delivery experience must be within the last 8 years. We are recruiting Examiners for the following sectors and/or specialisms: Animal Management Unit 1: Animal Breeding and Genetics Unit 2: Animal Biology Unit 3: Animal Welfare and Ethics Applied Law Unit 1: Dispute Solving in Civil Law Unit 3: Applying the Law Applied Psychology Unit 1: Psychological Approaches and Applications Unit 3: Health Psychology Applied Science Unit 1: Principles and Applications of Science I Unit 3: Science Investigation Skills Unit 5: Principles and Applications of Science II Unit 7: Contemporary Issues in Science Art and Design Unit 1: Visual recording and Communication Unit 2: Critical and Contextual Studies in Art and Design Unit 6: Managing a Client Brief Unit 7: Developing and Realising Creative Intentions Business / Enterprise Unit 2: Developing a Marketing Campaign Unit 3: Personal and Business Finance Unit 6: Principles of Management Unit 7/2/6: Business Decision Making Computing Unit 1: Principles of Computer Science Unit 2: Fundamentals of Computer Systems Unit 3: Planning and Management of Computer Systems Unit 4: Software Design and Development Project Construction Unit 1: Construction Principles Unit 2: Construction Design CPLD Unit 1: Children's Development Unit 2: Development of Children's Communication, Literacy and Numeracy Skills Unit 4: Enquiries into Current Research in early Years Practice Creative Media Unit 1: Media Representations Unit 3: Digital Media Skills Unit 5: Specialist Subject Investigation Unit 8: Responding to a Commission Engineering Unit 1: Engineering Principles Unit 3: Engineering Product Design and Manufacture Unit 6: Microcontroller Systems for Engineers Equine Management Unit 1: Equine Structure, Form and Function Unit 2: Equine Diet and Nutrition Unit 3: Managing Equine Disease Forensic and Criminal Investigation Unit 5: Applications of Criminology Unit 7: Applications of Criminal and Forensic Psychology Please note, the criteria for this sector are: 1 years' teaching experience in Psychology, Sociology or Criminology A degree in Criminology, Psychology or Sociology with some relevance in Criminology or Forensics Psychology Health and Social Care Unit 1: Human Lifespan Development Unit 2: Working in Health and Social Care Unit 3: Anatomy and Physiology for Health and Social Care Unit 4: Enquiries into Current Research in Health and Social Care IT Unit1: Information Technology Systems Unit 2: Creating Systems to Manage Information Unit 11: Cyber Security and Incident Management Unit 14: IT Service Delivery Land-Based - Agriculture / Countryside Management / Horticulture / Forestry and Arboriculture Unit 1: Professional Working Responsibilities Unit 2: Plant and Soil Science Unit 3: Contemporary Issues in the Land-Based Sectors Music Unit 2: Professional Practice in the Music Industry Unit 3: Ensemble Music Performance Music Technology Unit 5: Music Technology in Context Unit 6: DAW Production Unit 7: Music Technology Enterprise Opportunities Performing Arts Unit 1: Investigating Practitioners' Work Unit 3: Group Performance Workshop Unit 5: Individual Performance Commission Unit 7: Employment Opportunities in the Performing Arts Sport Unit 1: Anatomy and Physiology Unit 2: Fitness Training and Programming for Health, Sport and Well-being Unit 19: Development and Provision of Sport and Physical Activity Unit 22: Investigating Business in Sport & the Active Leisure Industry Sport and Exercise Science Unit 1: Sport and Exercise Physiology Unit 2: Functional Anatomy Unit 3: Applied Sport and Exercise Psychology Unit 13: Nutrition for Sport and Exercise Performance Travel and Tourism Unit 1: The World of Travel and Tourism Unit 2: Global Destinations Unit 6: The UK as a Tourist Destination Unit 7: Business Operations in Travel and Tourism About Pearson We value the power of inclusive culture and embed diversity and inclusion in everything we do. Pearson promotes a company culture where differences are embraced as strengths, opportunities are equal and accessible, consideration and respect are the norm. Through our talent, we believe that diversity and inclusion make us a more innovative and vibrant company. People are at the centre of our company. We are committed to a sustainable environment and workplace ecosystem where talent can learn, grow, and thrive. We provide content, assessment and digital services to learners, educational institutions, employers, governments and other partners globally. We are the UK's largest awarding body and offer qualifications that are globally recognised and benchmarked, with educational excellence rooted in a range of General and Vocational courses.
Dec 01, 2021
Full time
We are currently recruiting Examiners for the BTEC Nationals (Level 3) qualification. This is a part time role which will be completed at home, and in your own time. Purpose A BTEC Nationals Examiner marks candidates' responses in accordance with the pre-defined mark scheme, whilst adhering to the Code of Practice and examination procedures. Most subjects will be marked onscreen using ePEN, which can be done from home. A few subjects are still marked in the traditional method, using paper scripts sent through the post. A high level of subject knowledge is necessary in order to apply the mark scheme. Each examiner will receive an agreed allocation of scripts. Responsibilities To mark accurately and consistently to ensure overall standards are maintained. To submit samples to your Team Leader at designated times. To ensure milestones for marking are adhered to. To ensure all administration is completed as specified. Requirements To be considered for this role applicants must have: A degree or equivalent. Experience of delivering BTEC in a relevant sector at this level, or a teaching qualification and GCE, iAL or Applied GCE teaching experience in the relevant subject. Teaching / BTEC delivery experience must be for a minimum of 1 full year. Teaching / BTEC delivery experience must be within the last 8 years. We are recruiting Examiners for the following sectors and/or specialisms: Animal Management Unit 1: Animal Breeding and Genetics Unit 2: Animal Biology Unit 3: Animal Welfare and Ethics Applied Law Unit 1: Dispute Solving in Civil Law Unit 3: Applying the Law Applied Psychology Unit 1: Psychological Approaches and Applications Unit 3: Health Psychology Applied Science Unit 1: Principles and Applications of Science I Unit 3: Science Investigation Skills Unit 5: Principles and Applications of Science II Unit 7: Contemporary Issues in Science Art and Design Unit 1: Visual recording and Communication Unit 2: Critical and Contextual Studies in Art and Design Unit 6: Managing a Client Brief Unit 7: Developing and Realising Creative Intentions Business / Enterprise Unit 2: Developing a Marketing Campaign Unit 3: Personal and Business Finance Unit 6: Principles of Management Unit 7/2/6: Business Decision Making Computing Unit 1: Principles of Computer Science Unit 2: Fundamentals of Computer Systems Unit 3: Planning and Management of Computer Systems Unit 4: Software Design and Development Project Construction Unit 1: Construction Principles Unit 2: Construction Design CPLD Unit 1: Children's Development Unit 2: Development of Children's Communication, Literacy and Numeracy Skills Unit 4: Enquiries into Current Research in early Years Practice Creative Media Unit 1: Media Representations Unit 3: Digital Media Skills Unit 5: Specialist Subject Investigation Unit 8: Responding to a Commission Engineering Unit 1: Engineering Principles Unit 3: Engineering Product Design and Manufacture Unit 6: Microcontroller Systems for Engineers Equine Management Unit 1: Equine Structure, Form and Function Unit 2: Equine Diet and Nutrition Unit 3: Managing Equine Disease Forensic and Criminal Investigation Unit 5: Applications of Criminology Unit 7: Applications of Criminal and Forensic Psychology Please note, the criteria for this sector are: 1 years' teaching experience in Psychology, Sociology or Criminology A degree in Criminology, Psychology or Sociology with some relevance in Criminology or Forensics Psychology Health and Social Care Unit 1: Human Lifespan Development Unit 2: Working in Health and Social Care Unit 3: Anatomy and Physiology for Health and Social Care Unit 4: Enquiries into Current Research in Health and Social Care IT Unit1: Information Technology Systems Unit 2: Creating Systems to Manage Information Unit 11: Cyber Security and Incident Management Unit 14: IT Service Delivery Land-Based - Agriculture / Countryside Management / Horticulture / Forestry and Arboriculture Unit 1: Professional Working Responsibilities Unit 2: Plant and Soil Science Unit 3: Contemporary Issues in the Land-Based Sectors Music Unit 2: Professional Practice in the Music Industry Unit 3: Ensemble Music Performance Music Technology Unit 5: Music Technology in Context Unit 6: DAW Production Unit 7: Music Technology Enterprise Opportunities Performing Arts Unit 1: Investigating Practitioners' Work Unit 3: Group Performance Workshop Unit 5: Individual Performance Commission Unit 7: Employment Opportunities in the Performing Arts Sport Unit 1: Anatomy and Physiology Unit 2: Fitness Training and Programming for Health, Sport and Well-being Unit 19: Development and Provision of Sport and Physical Activity Unit 22: Investigating Business in Sport & the Active Leisure Industry Sport and Exercise Science Unit 1: Sport and Exercise Physiology Unit 2: Functional Anatomy Unit 3: Applied Sport and Exercise Psychology Unit 13: Nutrition for Sport and Exercise Performance Travel and Tourism Unit 1: The World of Travel and Tourism Unit 2: Global Destinations Unit 6: The UK as a Tourist Destination Unit 7: Business Operations in Travel and Tourism About Pearson We value the power of inclusive culture and embed diversity and inclusion in everything we do. Pearson promotes a company culture where differences are embraced as strengths, opportunities are equal and accessible, consideration and respect are the norm. Through our talent, we believe that diversity and inclusion make us a more innovative and vibrant company. People are at the centre of our company. We are committed to a sustainable environment and workplace ecosystem where talent can learn, grow, and thrive. We provide content, assessment and digital services to learners, educational institutions, employers, governments and other partners globally. We are the UK's largest awarding body and offer qualifications that are globally recognised and benchmarked, with educational excellence rooted in a range of General and Vocational courses.
Summary Are you looking for an organisation that cares about the work-life balance of its workforce? An employer who offers structured personal development, progression opportunities and outstanding training? Well look no further! Life moves fast at HMRC which is why we're the largest Landlord in Government! We're looking to recruit Property Specialists, Project Managers, Facilities Managers and Engineers along with candidates with expertise in a wide range of property related services that can work at pace in a fast paced and agile workplace. At HMRC we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve. We want to maximise the potential of everyone who chooses to work for us and we offer a range of flexible working patterns and support to make a fulfilling career at HMRC accessible to you. Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role. Job description This role is required to lead the related Design and Discovery activity for Physical Security and Resilience in HMRC Estates Directorate. To lead on identifying pan-estate security risks, defining physical security and resilience standards and contract requirements, and assuring that they are being correctly applied to minimise the risks to HMRC people, information and assets There is a requirement to evaluate threat and risks to HMRC business continuity/resilience on both the existing and new estates, which need to be addressed by the application of Physical Security principles. Physical Security is defined as; security measures that are designed to deny access to unauthorized personnel (including attackers or even accidental intruders) from physically accessing a building, facility, resource, or stored information; The provision of guidance on how to design structures and building services to resist potentially hostile acts, although there are other considerations and situations in which physical security measures are valuable (for example, limiting access within a facility and/or to specific assets) Responsibilities As our Physical Security and Resilience Lead you will be responsible for, but not limited to: • Identify security and resilience risks and develop physical security responses to avoid or mitigate these risks. • Work closely with HMRC security professionals, and those from the wider Civil Service, to integrate physical security responses with Cyber, Information and Personnel security responses to deliver a holistic solution as part of a layered and integrated approach • Identify opportunities to integrate physical security measures with actions required in other business areas • Define physical security and resilience standards for HMRC - in conjunction with other parts of the Civil Service - for all estate facilities including offices, digital facilities, car parking and warehousing • Specify physical security requirements for inclusion in construction and estates service provision contracts - including building structure, layout, barriers, lighting and support services • Specify business resilience / continuity requirements for inclusion in construction and estates services provision contracts - including power supply and stand-by power • Work collaboratively with HMRC staff responsible for the provision of incident response and security services - including pass issues, access control, mail screening and guarding. • Plan and deliver physical security and resilience projects • Plan and conduct physical security training • Carry out site visits to provide guidance and support to local staff, and assurance to management Ideal Candidate: • General Security background (Required) • Significant Built Environment Security experience. (Required) • Applied Physical Security - Practitioner (Required) or Expert (Desired) • Legal and Regulatory Environment - Practitioner (Required) or Expert (Desired) • Understanding Risk and Mitigation - Practitioner (Required) or Expert (Desired) • Protective Security - Awareness (Required) or Working (Desired) • Understanding of Threats - Awareness (Required) or Working (Desired) • Security Clearance - Minimum at SC, but with potential to higher level clearance (Required) • Ability to travel nationally in role to all UK sites/facilities. (Required) • Capable of operating efficiently across a wide variety of differing business areas. (Required) Essential Qualifications: • SME: Counter Terrorism; Blast Effects; Hostile Vehicle Mitigation Expertise. • Member or Fellow of a relevant security professional body such as; CySP; ISMI; Security Institute; RSES. • Working knowledge of BIM; REVIT; CAD. Our Offer While we work hard at HMRC we respect your work-life balance and offer flexible working conditions reflecting the best in the sector. We offer you structured personal development, progression opportunities, and outstanding training. Memberships Member or Fellow of a relevant security professional body such as; CySP; ISMI; Security Institute; RSES. Benefits • Learning and development tailored to your role • An environment with flexible working options • A culture encouraging inclusion and diversity • A Civil Service pension
Nov 30, 2021
Full time
Summary Are you looking for an organisation that cares about the work-life balance of its workforce? An employer who offers structured personal development, progression opportunities and outstanding training? Well look no further! Life moves fast at HMRC which is why we're the largest Landlord in Government! We're looking to recruit Property Specialists, Project Managers, Facilities Managers and Engineers along with candidates with expertise in a wide range of property related services that can work at pace in a fast paced and agile workplace. At HMRC we are committed to creating a great place to work for all our colleagues; an inclusive and respectful environment that reflects the diversity of the society we serve. We want to maximise the potential of everyone who chooses to work for us and we offer a range of flexible working patterns and support to make a fulfilling career at HMRC accessible to you. Diverse perspectives and experiences are critical to our success and we welcome applications from all people from all backgrounds with the experience and skills needed to perform this role. Job description This role is required to lead the related Design and Discovery activity for Physical Security and Resilience in HMRC Estates Directorate. To lead on identifying pan-estate security risks, defining physical security and resilience standards and contract requirements, and assuring that they are being correctly applied to minimise the risks to HMRC people, information and assets There is a requirement to evaluate threat and risks to HMRC business continuity/resilience on both the existing and new estates, which need to be addressed by the application of Physical Security principles. Physical Security is defined as; security measures that are designed to deny access to unauthorized personnel (including attackers or even accidental intruders) from physically accessing a building, facility, resource, or stored information; The provision of guidance on how to design structures and building services to resist potentially hostile acts, although there are other considerations and situations in which physical security measures are valuable (for example, limiting access within a facility and/or to specific assets) Responsibilities As our Physical Security and Resilience Lead you will be responsible for, but not limited to: • Identify security and resilience risks and develop physical security responses to avoid or mitigate these risks. • Work closely with HMRC security professionals, and those from the wider Civil Service, to integrate physical security responses with Cyber, Information and Personnel security responses to deliver a holistic solution as part of a layered and integrated approach • Identify opportunities to integrate physical security measures with actions required in other business areas • Define physical security and resilience standards for HMRC - in conjunction with other parts of the Civil Service - for all estate facilities including offices, digital facilities, car parking and warehousing • Specify physical security requirements for inclusion in construction and estates service provision contracts - including building structure, layout, barriers, lighting and support services • Specify business resilience / continuity requirements for inclusion in construction and estates services provision contracts - including power supply and stand-by power • Work collaboratively with HMRC staff responsible for the provision of incident response and security services - including pass issues, access control, mail screening and guarding. • Plan and deliver physical security and resilience projects • Plan and conduct physical security training • Carry out site visits to provide guidance and support to local staff, and assurance to management Ideal Candidate: • General Security background (Required) • Significant Built Environment Security experience. (Required) • Applied Physical Security - Practitioner (Required) or Expert (Desired) • Legal and Regulatory Environment - Practitioner (Required) or Expert (Desired) • Understanding Risk and Mitigation - Practitioner (Required) or Expert (Desired) • Protective Security - Awareness (Required) or Working (Desired) • Understanding of Threats - Awareness (Required) or Working (Desired) • Security Clearance - Minimum at SC, but with potential to higher level clearance (Required) • Ability to travel nationally in role to all UK sites/facilities. (Required) • Capable of operating efficiently across a wide variety of differing business areas. (Required) Essential Qualifications: • SME: Counter Terrorism; Blast Effects; Hostile Vehicle Mitigation Expertise. • Member or Fellow of a relevant security professional body such as; CySP; ISMI; Security Institute; RSES. • Working knowledge of BIM; REVIT; CAD. Our Offer While we work hard at HMRC we respect your work-life balance and offer flexible working conditions reflecting the best in the sector. We offer you structured personal development, progression opportunities, and outstanding training. Memberships Member or Fellow of a relevant security professional body such as; CySP; ISMI; Security Institute; RSES. Benefits • Learning and development tailored to your role • An environment with flexible working options • A culture encouraging inclusion and diversity • A Civil Service pension