Senior Cyber Security Engineer Location: London (Hybrid) | Type: Permanent Are you ready to take ownership of an organisation's Cyber Security roadmap? Do you thrive in a challenging, busy environment? My London-based client is seeking a Senior Cyber Security Engineer to join their dynamic team on a permanent basis. This is an exciting opportunity to make a tangible impact on their security posture and drive innovation in their security strategy. About the Role As a Senior Cyber Security Engineer, you'll play a pivotal role in securing the organisation's infrastructure. You will: Collaborate closely with an outsourced SOC, prioritising and implementing security recommendations. Oversee critical security areas, including Vulnerability Management, Identity Management, Endpoint Security, Cloud Security, Exposure Management, and SIEM. Own and deliver the Cyber Security Roadmap, managing stakeholder relationships and ensuring effective communication around progress, prioritisation, and risk. Drive key initiatives like Network Segmentation, DMARC implementation, Access Control, User Awareness, and Disaster Recovery. Lead BAU activities to maintain and enhance the organisation's security posture. Key Responsibilities SOC Management: Work closely with the outsourced SOC to assess and prioritize recommendations. Coordinate with internal teams to execute necessary changes, ensuring a robust network and infrastructure. Cyber Security Roadmap: Take ownership of delivering a comprehensive security roadmap with projects including: Network Segmentation: Implement effective network control to safeguard sensitive data. DMARC: Enable DKIM and DMARC for secure email validation. Access Control: Enhance identity management with MFA and streamline access policies. Disaster Recovery: Integrate cyber protection into disaster recovery and business continuity plans. Data Protection: Audit and secure confidential and PII storage locations, leveraging tools like Microsoft Purview. BAU Operations: Continuously review and improve starters/leavers processes. Investigate and respond to security incidents using various tools. Oversee MDM, patching cycles, Firewall rule reviews, and USB lockdown. Manage privileged accounts and ensure OS versions are up to date. What the client are looking for: They need someone with a proven track record in delivering security projects and managing cybersecurity in complex environments. The ideal candidate will demonstrate experience in: Leading the majority of the roadmap projects mentioned. Engaging with stakeholders to provide updates, justify priorities, and highlight risks. Managing BAU activities to maintain a high level of security compliance. Why Join them? The opportunity to take full ownership of an organisation's security roadmap. Be part of a team that values innovation and proactive problem-solving. Good salary and benefits package. Ready to shape the future of cybersecurity for a forward-thinking organisation? Apply now to join as a Senior Cyber Security Engineer.
Jan 21, 2025
Full time
Senior Cyber Security Engineer Location: London (Hybrid) | Type: Permanent Are you ready to take ownership of an organisation's Cyber Security roadmap? Do you thrive in a challenging, busy environment? My London-based client is seeking a Senior Cyber Security Engineer to join their dynamic team on a permanent basis. This is an exciting opportunity to make a tangible impact on their security posture and drive innovation in their security strategy. About the Role As a Senior Cyber Security Engineer, you'll play a pivotal role in securing the organisation's infrastructure. You will: Collaborate closely with an outsourced SOC, prioritising and implementing security recommendations. Oversee critical security areas, including Vulnerability Management, Identity Management, Endpoint Security, Cloud Security, Exposure Management, and SIEM. Own and deliver the Cyber Security Roadmap, managing stakeholder relationships and ensuring effective communication around progress, prioritisation, and risk. Drive key initiatives like Network Segmentation, DMARC implementation, Access Control, User Awareness, and Disaster Recovery. Lead BAU activities to maintain and enhance the organisation's security posture. Key Responsibilities SOC Management: Work closely with the outsourced SOC to assess and prioritize recommendations. Coordinate with internal teams to execute necessary changes, ensuring a robust network and infrastructure. Cyber Security Roadmap: Take ownership of delivering a comprehensive security roadmap with projects including: Network Segmentation: Implement effective network control to safeguard sensitive data. DMARC: Enable DKIM and DMARC for secure email validation. Access Control: Enhance identity management with MFA and streamline access policies. Disaster Recovery: Integrate cyber protection into disaster recovery and business continuity plans. Data Protection: Audit and secure confidential and PII storage locations, leveraging tools like Microsoft Purview. BAU Operations: Continuously review and improve starters/leavers processes. Investigate and respond to security incidents using various tools. Oversee MDM, patching cycles, Firewall rule reviews, and USB lockdown. Manage privileged accounts and ensure OS versions are up to date. What the client are looking for: They need someone with a proven track record in delivering security projects and managing cybersecurity in complex environments. The ideal candidate will demonstrate experience in: Leading the majority of the roadmap projects mentioned. Engaging with stakeholders to provide updates, justify priorities, and highlight risks. Managing BAU activities to maintain a high level of security compliance. Why Join them? The opportunity to take full ownership of an organisation's security roadmap. Be part of a team that values innovation and proactive problem-solving. Good salary and benefits package. Ready to shape the future of cybersecurity for a forward-thinking organisation? Apply now to join as a Senior Cyber Security Engineer.
VICE PRESIDENT GOVERNANCE RISK & COMPLIANCE - AEROSPACE AND DEFENSE: Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional level investors, looking to disrupt and revolutionize a $3 trillion dollar industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements, delivering solutions through innovation with uncompromising agility. JOB DESCRIPTION: The oversight requires you to create an immersive simulation that leverages advanced problem-solving methods and complex cognitive tasks to deliver real-global operations scenarios for performing GRC tasks in virtual reality. Collaborating with leading-edge cognitive thinking systems, networks, and Systems of System Engineering, cybersecurity, space applications, and electromagnetic spectrum operations applications. You will develop and deliver security programs in fast-paced innovational waves. Areas to focus: Configure and manage networks, servers, Optical ground station terminal, data center, and critical infrastructure. Manage day-to-day IT & Engineering needs (system administration, help desk support). Monitor security tools and respond to alerts and incidents. COMPLIANCE ACTIVITIES: Change Management Incident Management Maintenance Vulnerability scanning Implement NIST SP 800-171 for internal systems. Establish a System Security Plan (SSP) . The SSP needs to go through each NIST SP 800-171 control and include how the control is implemented, monitored, and enforced. GOVERNANCE: Create programs and pathways for transition into cybersecurity, regulations, compliance, and GRC, translating business into technical and security risk. RISK MANAGEMENT: The goal is to understand the lifecycle of risk, apply complex critical skills, asset inventory, risk assessment, identifying threats, and access management audits. ENVIRONMENT: This position will operate in the regulatory engineering division MULTIDOMAIN DEFENCE DOCK . QUALIFICATION, KEY REQUIREMENTS AND SKILLS SET: 20 years experience in emergent technology. Experience in architecting, building, and securing systems at scale. In-depth knowledge of cybersecurity compliance standards such as ISO, SOC, NIST, CMMC, EDRS, and ITAR. Certifications in (ISACA, CISM, CRISC, CISA, ITCA) . Certified Information Security Manager (CISM) is essential. Certified Authorization Professional (CAP) . Information Systems Security Architecture Professional (ISSAP) . GIAC Security Leadership Certificate (GSLC) . Information Systems Security Engineering Professional (ISSEP) . Information assurance system architecture and engineer (IASAE) . It's a prerequisite to be certified in one of the listed DoD 8570 Certifications. INTERVIEW PROCESS: STAGE 1: COGNITIVE ASSESSMENT SCREENING: WITH A 30+ YEAR EXPERIENCE PSYCHOLOGIST: STAGE 2: PRE-SCREENING (verification checks & DV security clearance) STAGE 3: INTERVIEW WITH THE: CEO, CTO & GC
Jan 21, 2025
Full time
VICE PRESIDENT GOVERNANCE RISK & COMPLIANCE - AEROSPACE AND DEFENSE: Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional level investors, looking to disrupt and revolutionize a $3 trillion dollar industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements, delivering solutions through innovation with uncompromising agility. JOB DESCRIPTION: The oversight requires you to create an immersive simulation that leverages advanced problem-solving methods and complex cognitive tasks to deliver real-global operations scenarios for performing GRC tasks in virtual reality. Collaborating with leading-edge cognitive thinking systems, networks, and Systems of System Engineering, cybersecurity, space applications, and electromagnetic spectrum operations applications. You will develop and deliver security programs in fast-paced innovational waves. Areas to focus: Configure and manage networks, servers, Optical ground station terminal, data center, and critical infrastructure. Manage day-to-day IT & Engineering needs (system administration, help desk support). Monitor security tools and respond to alerts and incidents. COMPLIANCE ACTIVITIES: Change Management Incident Management Maintenance Vulnerability scanning Implement NIST SP 800-171 for internal systems. Establish a System Security Plan (SSP) . The SSP needs to go through each NIST SP 800-171 control and include how the control is implemented, monitored, and enforced. GOVERNANCE: Create programs and pathways for transition into cybersecurity, regulations, compliance, and GRC, translating business into technical and security risk. RISK MANAGEMENT: The goal is to understand the lifecycle of risk, apply complex critical skills, asset inventory, risk assessment, identifying threats, and access management audits. ENVIRONMENT: This position will operate in the regulatory engineering division MULTIDOMAIN DEFENCE DOCK . QUALIFICATION, KEY REQUIREMENTS AND SKILLS SET: 20 years experience in emergent technology. Experience in architecting, building, and securing systems at scale. In-depth knowledge of cybersecurity compliance standards such as ISO, SOC, NIST, CMMC, EDRS, and ITAR. Certifications in (ISACA, CISM, CRISC, CISA, ITCA) . Certified Information Security Manager (CISM) is essential. Certified Authorization Professional (CAP) . Information Systems Security Architecture Professional (ISSAP) . GIAC Security Leadership Certificate (GSLC) . Information Systems Security Engineering Professional (ISSEP) . Information assurance system architecture and engineer (IASAE) . It's a prerequisite to be certified in one of the listed DoD 8570 Certifications. INTERVIEW PROCESS: STAGE 1: COGNITIVE ASSESSMENT SCREENING: WITH A 30+ YEAR EXPERIENCE PSYCHOLOGIST: STAGE 2: PRE-SCREENING (verification checks & DV security clearance) STAGE 3: INTERVIEW WITH THE: CEO, CTO & GC
It's an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one ofInc. magazine's Best Workplaces for 2020, Infoblox is the leader in cloud-first networking and security services. Our solutions empower organizations to take full advantage of the cloud to deliver network experiences that are inherently simple, scalable, and reliable for everyone. Infoblox customers are among the largest enterprises in the world and include 70% of the Fortune 500, and our success depends on bright, energetic, talented people who share a passion for building the next generation of networking technologies-and having fun along the way. We are looking for a Senior Director, Revenue Operations to join and lead our EMEA Revenue Operations team, reporting to the Global VP, Revenue Operations, who is based in the US. In this role, you will work closely with the EMEA Sales team and all parts of Revenue Operations, to enable our Sales team to achieve its business objectives through people, process, and technology. This is an exceptional opportunity to join a growing, successful, and innovative organization. At Infoblox, you will be able to thrive in a unique work environment that emphasizes career growth, excellence, innovation, and collaboration. You are the ideal candidate if you are detail-oriented, have great follow-through, are driven by achieving results, and work efficiently at all levels within the organization, as well as with partners. You also have sharp business and technical acumen, and be a seasoned leader. What you'll do: Work directly with the SVP of EMEA sales to drive and coordinate the execution of the sales plan being the focal point for all operations and business partners, including strategic programs Represent the field teams to the rest of the company Drive alignment across geo Sales leaders and help them problem solve Provide analytics/insights, including about Sales, Solution Architects, and overlays Assist with on/offboarding and training of Sales team members Drive and enable forecast, QBRs and sales and regional leadership meetings Establish and drive an operation rhythm and change management Run territory planning resolving account creation/overlap issues What you'll bring: 10+ years of experience in a sales, sales operations, or business analytics role in the technology industry Solid understanding and passion for working with and supporting sales teams Proven track record of leading sales/revenue operations teams and defining sales strategy Excellent communication, presentation, and interpersonal skills Demonstrated ability to represent data, insights, and tell a story that makes the data easy to understand experience required; Clari/Tableau experience highly preferred Attention to detail and the ability to manage multiple tasks and projects High intellectual curiosity - always getting the job done but asks "why are we doing this" and "how can we improve it going forward?" Bachelor's Degree What success looks like: After six months, you will Successfully integrate with both the EMEA Sales leadership and Revenue Operations teams, and have an understanding of the Infoblox GTM strategy and Sales leadership requirements Deliver actionable data to the Sales teams you support Drive and measure Sales strategy and cadence After about a year, you will Integrate your knowledge into representing leading trends and insights of the business Provide recommendations on strategy and process Collaborate with cross-functional teams on key initiatives Lead key initiatives We've got you covered: Our holistic benefits package includes coverage of your health, wealth, and wellness-as well as a great work environment, employee programs, and company culture. We offer a competitive salary and benefits package and generous paid time off to help you balance your life. We have a strong culture and live our values every day-we believe in transparency, curiosity, respect, and above all, having fun while delighting our customers. Why Infoblox? We've created a culture that embraces diversity, equity, and inclusion and rewards innovation, curiosity, and creativity. We achieve remarkable results by working together in a supportive environment that focuses on continuous learning and embraces change. So, whether you're a software engineer, marketing manager, customer care pro, or product specialist, you belong here, where you will have the opportunity to grow and develop your career. Check out what it's like to be a Bloxer . We think you'll be excited to join our team. Tagged as: Revenue Operations
Jan 21, 2025
Full time
It's an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one ofInc. magazine's Best Workplaces for 2020, Infoblox is the leader in cloud-first networking and security services. Our solutions empower organizations to take full advantage of the cloud to deliver network experiences that are inherently simple, scalable, and reliable for everyone. Infoblox customers are among the largest enterprises in the world and include 70% of the Fortune 500, and our success depends on bright, energetic, talented people who share a passion for building the next generation of networking technologies-and having fun along the way. We are looking for a Senior Director, Revenue Operations to join and lead our EMEA Revenue Operations team, reporting to the Global VP, Revenue Operations, who is based in the US. In this role, you will work closely with the EMEA Sales team and all parts of Revenue Operations, to enable our Sales team to achieve its business objectives through people, process, and technology. This is an exceptional opportunity to join a growing, successful, and innovative organization. At Infoblox, you will be able to thrive in a unique work environment that emphasizes career growth, excellence, innovation, and collaboration. You are the ideal candidate if you are detail-oriented, have great follow-through, are driven by achieving results, and work efficiently at all levels within the organization, as well as with partners. You also have sharp business and technical acumen, and be a seasoned leader. What you'll do: Work directly with the SVP of EMEA sales to drive and coordinate the execution of the sales plan being the focal point for all operations and business partners, including strategic programs Represent the field teams to the rest of the company Drive alignment across geo Sales leaders and help them problem solve Provide analytics/insights, including about Sales, Solution Architects, and overlays Assist with on/offboarding and training of Sales team members Drive and enable forecast, QBRs and sales and regional leadership meetings Establish and drive an operation rhythm and change management Run territory planning resolving account creation/overlap issues What you'll bring: 10+ years of experience in a sales, sales operations, or business analytics role in the technology industry Solid understanding and passion for working with and supporting sales teams Proven track record of leading sales/revenue operations teams and defining sales strategy Excellent communication, presentation, and interpersonal skills Demonstrated ability to represent data, insights, and tell a story that makes the data easy to understand experience required; Clari/Tableau experience highly preferred Attention to detail and the ability to manage multiple tasks and projects High intellectual curiosity - always getting the job done but asks "why are we doing this" and "how can we improve it going forward?" Bachelor's Degree What success looks like: After six months, you will Successfully integrate with both the EMEA Sales leadership and Revenue Operations teams, and have an understanding of the Infoblox GTM strategy and Sales leadership requirements Deliver actionable data to the Sales teams you support Drive and measure Sales strategy and cadence After about a year, you will Integrate your knowledge into representing leading trends and insights of the business Provide recommendations on strategy and process Collaborate with cross-functional teams on key initiatives Lead key initiatives We've got you covered: Our holistic benefits package includes coverage of your health, wealth, and wellness-as well as a great work environment, employee programs, and company culture. We offer a competitive salary and benefits package and generous paid time off to help you balance your life. We have a strong culture and live our values every day-we believe in transparency, curiosity, respect, and above all, having fun while delighting our customers. Why Infoblox? We've created a culture that embraces diversity, equity, and inclusion and rewards innovation, curiosity, and creativity. We achieve remarkable results by working together in a supportive environment that focuses on continuous learning and embraces change. So, whether you're a software engineer, marketing manager, customer care pro, or product specialist, you belong here, where you will have the opportunity to grow and develop your career. Check out what it's like to be a Bloxer . We think you'll be excited to join our team. Tagged as: Revenue Operations
IT Security Engineer Bristol - Hybrid Working/1 or 2 days per week onsite £45,000 - £50,000 + benefits Fantastic new permanent opportunity for an experienced IT Security Engineer with this large financial services company based in Bristol. As a key member of the Planning, Architecture & Security services team, the role will be at the forefront of the company's security strategy, ensuring the confidentiality, integrity and availability of all their information and information systems. This role will focus on security and quality control in the IT department and will include designing, building and securing, scalable and robust systems. This role will help the company understand security threats and help create strategies to protect the businesses assets and interests. Main responsibilities: Proactively identify information security deficiencies or opportunities for improvement and facilitate development of pragmatic solutions. Plan, implement and upgrade security measures and controls. Establish plans and protocols to protect digital files and information systems against unauthorized access, modification and/or destruction. Contribute to the IT Strategy planning process with regards to Information Security, ISO27001/27002 developments. Provide advisory and consulting support to help the Company improve its security posture and adhere to security policies, expected controls and regulatory requirements. Maintain data and monitor security access. Perform vulnerability testing, risk analyses and security assessments. Define, implement and maintain corporate security policies. Anticipate security alerts, incidents and disasters and reduce their likelihood. Perform information security reviews of the core business and group business as well as third parties. Identify and document areas of IT Risk related to Information/Cyber Security. Support IT Risk Management by proposing appropriate risk mitigation and control measures. Skills Required: A proven background within Security Operations/Network Security and Security Engineering. Able to demonstrate a good understanding of information security frameworks, standards and security best practice (ISO27001, NIST CSF, Mitre Att&ck Framework, OWASP). Experience in designing secure components (eg networks, systems, applications, security technologies) Knowledge of and skills in at least one Scripting language such as PowerShell. Comprehensive knowledge of network design, defence-in-depth principles and network security architecture. Extensive experience and understanding of security analysis tools, defensive technologies and other security technologies (eg SIEM, VAS, IDS/IPS, Firewalls, IAM, PAM, NAC, Email Security, Web filtering, Patch management, Anti-malware). Experience in identifying, detecting, applying protection, responding and remediating to security incidents to within business risk appetite. Strong working knowledge of authentication technologies (eg two-factor, multifactor). Strong proficiency in using the Microsoft Ecosystem such as Active Directory and MS Entra ID, including GPO, DNS, DHCP. Knowledge of endpoint security solutions (eg HIDS, anti-malware, file integrity, DLP). AWS, Azure and other cloud platforms, including hybrid cloud (eg SaaS, IaaS, PaaS). System administration, supporting multiple platforms and applications. Skilled in conducting vulnerability scans and identifying vulnerabilities in systems. Effective technical and non-technical communication skills to provide security support for colleagues, at all levels, across the business. For any further queries regarding the role or to apply, please contact Danny Palmer on at (see below)
Jan 21, 2025
Full time
IT Security Engineer Bristol - Hybrid Working/1 or 2 days per week onsite £45,000 - £50,000 + benefits Fantastic new permanent opportunity for an experienced IT Security Engineer with this large financial services company based in Bristol. As a key member of the Planning, Architecture & Security services team, the role will be at the forefront of the company's security strategy, ensuring the confidentiality, integrity and availability of all their information and information systems. This role will focus on security and quality control in the IT department and will include designing, building and securing, scalable and robust systems. This role will help the company understand security threats and help create strategies to protect the businesses assets and interests. Main responsibilities: Proactively identify information security deficiencies or opportunities for improvement and facilitate development of pragmatic solutions. Plan, implement and upgrade security measures and controls. Establish plans and protocols to protect digital files and information systems against unauthorized access, modification and/or destruction. Contribute to the IT Strategy planning process with regards to Information Security, ISO27001/27002 developments. Provide advisory and consulting support to help the Company improve its security posture and adhere to security policies, expected controls and regulatory requirements. Maintain data and monitor security access. Perform vulnerability testing, risk analyses and security assessments. Define, implement and maintain corporate security policies. Anticipate security alerts, incidents and disasters and reduce their likelihood. Perform information security reviews of the core business and group business as well as third parties. Identify and document areas of IT Risk related to Information/Cyber Security. Support IT Risk Management by proposing appropriate risk mitigation and control measures. Skills Required: A proven background within Security Operations/Network Security and Security Engineering. Able to demonstrate a good understanding of information security frameworks, standards and security best practice (ISO27001, NIST CSF, Mitre Att&ck Framework, OWASP). Experience in designing secure components (eg networks, systems, applications, security technologies) Knowledge of and skills in at least one Scripting language such as PowerShell. Comprehensive knowledge of network design, defence-in-depth principles and network security architecture. Extensive experience and understanding of security analysis tools, defensive technologies and other security technologies (eg SIEM, VAS, IDS/IPS, Firewalls, IAM, PAM, NAC, Email Security, Web filtering, Patch management, Anti-malware). Experience in identifying, detecting, applying protection, responding and remediating to security incidents to within business risk appetite. Strong working knowledge of authentication technologies (eg two-factor, multifactor). Strong proficiency in using the Microsoft Ecosystem such as Active Directory and MS Entra ID, including GPO, DNS, DHCP. Knowledge of endpoint security solutions (eg HIDS, anti-malware, file integrity, DLP). AWS, Azure and other cloud platforms, including hybrid cloud (eg SaaS, IaaS, PaaS). System administration, supporting multiple platforms and applications. Skilled in conducting vulnerability scans and identifying vulnerabilities in systems. Effective technical and non-technical communication skills to provide security support for colleagues, at all levels, across the business. For any further queries regarding the role or to apply, please contact Danny Palmer on at (see below)
INTERNAL AUDIT In Internal Audit, we ensure that Goldman Sachs maintains effective controls by assessing the reliability of financial reports, monitoring the firm's compliance with laws and regulations, and advising management on developing smart control solutions. Our group has unique insight on the financial industry and its products and operations. We're looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firm's operations and control processes. TEAM OVERVIEW Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets, analytical skills, exercise professional scepticism, and are able to challenge and discuss effectively with management on risks and control measures. We look for individuals who enjoy learning about audit, businesses and functions, have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques, build relationships, and thrive in teamwork and in a fast-paced global environment. Goldman Sachs Internal Audit comprises individuals from diverse backgrounds including chartered accountants, developers, risk management professionals, cybersecurity professionals, and data scientists. We are organized into global teams comprising business and technology auditors to cover all the firm's businesses and functions, including securities, investment banking, consumer and investment management, risk management, finance, cyber-security and technology risk, and engineering. THE ROLE AND RESPONSIBILITIES As the third line of defense, Internal Audit's mission is to independently assess the firm's internal control structure, including the firm's governance processes and controls, and risk management and capital and anti-financial crime frameworks, raise awareness of control risk and monitor the implementation of management's control measures. In doing so, Internal Audit performs the following duties: Communicates and reports on the effectiveness of the firm's governance, risk management and controls that mitigate current and evolving risk Raises awareness of control risk Assesses the firm's control culture and conduct risks Monitors management's implementation of control measures Additional responsibilities include: Develop and maintain an in-depth understanding of business areas, its products, and supporting functions Plan and execute audit testing to ensure audit fieldwork is focused on the right areas and documentation meets high quality standards Identify risks, assess mitigating controls, and make recommendations on improving the control environment Prepare commercially effective audit conclusions and findings, and present to IA senior management and business clients Follow-up on open audit issues and their resolution Participate in department-wide initiatives aimed at continually improving IA's processes and supporting infrastructure SKILLS AND EXPERIENCE REQUIRED 7+ years of experience in a public accounting or internal audit role within the financial services industry or a related control function In-depth technical knowledge of key risks and associated controls within the Wealth Management industry Strong leadership, interpersonal, and relationship management skills Strong verbal and written communication skills Highly motivated with the ability to multi-task and remain organized in a fast-paced environment Relevant certification or industry accreditation (e.g., ACA, ACCA) is a plus ABOUT GOLDMAN SACHS At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world. We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at We're committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: The Goldman Sachs Group, Inc., 2023. All rights reserved. Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity
Jan 21, 2025
Full time
INTERNAL AUDIT In Internal Audit, we ensure that Goldman Sachs maintains effective controls by assessing the reliability of financial reports, monitoring the firm's compliance with laws and regulations, and advising management on developing smart control solutions. Our group has unique insight on the financial industry and its products and operations. We're looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firm's operations and control processes. TEAM OVERVIEW Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets, analytical skills, exercise professional scepticism, and are able to challenge and discuss effectively with management on risks and control measures. We look for individuals who enjoy learning about audit, businesses and functions, have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques, build relationships, and thrive in teamwork and in a fast-paced global environment. Goldman Sachs Internal Audit comprises individuals from diverse backgrounds including chartered accountants, developers, risk management professionals, cybersecurity professionals, and data scientists. We are organized into global teams comprising business and technology auditors to cover all the firm's businesses and functions, including securities, investment banking, consumer and investment management, risk management, finance, cyber-security and technology risk, and engineering. THE ROLE AND RESPONSIBILITIES As the third line of defense, Internal Audit's mission is to independently assess the firm's internal control structure, including the firm's governance processes and controls, and risk management and capital and anti-financial crime frameworks, raise awareness of control risk and monitor the implementation of management's control measures. In doing so, Internal Audit performs the following duties: Communicates and reports on the effectiveness of the firm's governance, risk management and controls that mitigate current and evolving risk Raises awareness of control risk Assesses the firm's control culture and conduct risks Monitors management's implementation of control measures Additional responsibilities include: Develop and maintain an in-depth understanding of business areas, its products, and supporting functions Plan and execute audit testing to ensure audit fieldwork is focused on the right areas and documentation meets high quality standards Identify risks, assess mitigating controls, and make recommendations on improving the control environment Prepare commercially effective audit conclusions and findings, and present to IA senior management and business clients Follow-up on open audit issues and their resolution Participate in department-wide initiatives aimed at continually improving IA's processes and supporting infrastructure SKILLS AND EXPERIENCE REQUIRED 7+ years of experience in a public accounting or internal audit role within the financial services industry or a related control function In-depth technical knowledge of key risks and associated controls within the Wealth Management industry Strong leadership, interpersonal, and relationship management skills Strong verbal and written communication skills Highly motivated with the ability to multi-task and remain organized in a fast-paced environment Relevant certification or industry accreditation (e.g., ACA, ACCA) is a plus ABOUT GOLDMAN SACHS At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world. We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at We're committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: The Goldman Sachs Group, Inc., 2023. All rights reserved. Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity
Business Information Security Manager Apply locations London, United Kingdom time type Full time posted on Posted 2 Days Ago job requisition id R The purpose of this role is to assist the Director of Business Information Security (BISO) in all security matters relating to the oversight of Information Security, Cyber Security and Data Privacy within the Regulatory Reporting business line of LSEG's Post Trade division. The successful candidate will be charged with ensuring that the critical business systems and data assets of Regulatory Reporting are adequately protected, and that all related information security and cyber controls remain effective and within risk appetite and/or have appropriate risk treatment plans in place to bring them back into risk appetite. The role will best suit an experienced Information Security Manager with extensive experience gained from having previously operated within Senior Management level InfoSec/Cyber roles within the FS or FMI industries. The successful candidate must be a subject matter expert in Information Security, as the role demands a very strong knowledge in all areas of information security and cyber security, as well as in-depth knowledge of legacy, existing, and emerging technologies including cloud and security technologies/controls. In addition to a solid foundational Security Governance Risk and Compliance (Security-GRC) skillset, a prior background in information security engineering, security architecture, and security operations will be advantageous in this role given the various levels of stakeholders as well as the tech/cyber projects that the successful candidate will engage with daily. Key responsibilities include: Assisting in the oversight of Information Security by: Reviewing and assessing the information security and cyber controls that enable Regulatory Reporting to conduct its business in a secure manner, and gap analysis of the same. The oversight of InfoSec/Cyber related control gap/risk remediation activities Monitoring and analysing the information security roadmaps, strategies, programmes, and projects within Regulatory Reporting, and identifying and reporting risks, trends and future opportunities for improvement and enhancement. Proactively engaging and working closely with the technology and cyber teams that are delivering technology and cyber services to the firm. Attending risk and governance meetings to provide updates to the Regulatory Reporting stakeholders from the three lines of defence regarding the delivery and progress of the various strategic cyber initiatives and broader cyber programme within LSEG. Working with colleagues from the three lines of defence to define the current risk posture of Regulatory Reporting and collaborating with those stakeholders to remediate identified risks/issues. Engaging with external third parties who provide services to Regulatory Reporting and working closely with the established internal third-party oversight functions to ensure appropriate and contracted levels of security are met. Establish and maintain a Cyber Risk Profile of Regulatory Reporting in line with other areas of LSEG. Assisting with the establishment and maintenance of a Risk Control Assessment (RCA) that focuses on InfoSec/Cyber risks and associated controls, etc. Maintaining the established key performance and key risk indicators and ensuring that all management information (MI) is an accurate reflection of the current control's estate. Maintaining an accurate set of executive level presentation materials that clearly and accurately present the current state of security control within Regulatory Reporting. Assessing the security architecture solution designs and risk position of projects and initiatives undertaken by Regulatory Reporting and working closely with associated SMEs and design authorities to ensure projects are delivered in compliance with Policies and Standards, and with security design principles considered/implemented as key success deliverables. Engagement with the business to: Develop an understanding of business goals and operational risks Identifying key areas for improvement Support the risk management decision processes and risk forums/committees Assisting with the identification of emerging information and cyber security threats to the business, and the subsequent analysis to realise and oversee risk mitigation plans, Build strong relationships within the business to gain an understanding of security-related business risks. Work closely with governance stakeholders in the 1st, 2nd, and 3rd lines of defence on all matters relating to information security, cyber risk, data privacy, including all regulatory and legislative considerations. Embedding Cyber across the firm by: Working closely with all necessary stakeholders in the business and technology areas to ensure compliance with established LSEG policies, standards, and procedures, etc. Constructively and pragmatically challenging established controls to ensure, recommend, and accommodate continuous improvement. Ensuring Regulatory Reporting stakeholders understand their responsibilities in relation to security risk mitigation and remediation. Monitoring industry information security trends and keeping business leadership informed about information security-related issues and activities potentially affecting the organisation and specific business functions. Security Governance, Technical, and Risk Review: The review and documenting of technologies and security controls across the firm, including areas such as; office spaces, data centres and cloud. Executing and concluding security controls maturity assessments against industry standards such as the NIST Cyber Security Framework, ISO27001/2, SOC2, etc Working closely with stakeholders to review all projects and initiatives, assessing them for appropriate/correct levels of security design and controls. Identification of technology and security risks across the firm and the assessment and appropriate risk scoring and presentation of the same. Produce appropriate risk remediation action plans and ability to present and take ownership of risk treatment proposals and action plans. Review and appropriate response to regulatory and legislative matters Produce and present risks and risk postures / cyber maturity to senior/executive bodies. Able to clearly and precisely present complex cyber risk matters to clients and regulators. Partnering with the different business control functions: Build knowledge of business units by assisting them with their security workloads, agendas, and difficulties. Maintaining a balanced relationship with risk, compliance, legal, human resources, and internal and external audit functions. Knowledge of technology, security, and threat landscapes: Staying abreast of emerging technologies, including all security technologies, Sustaining a deep and in-depth knowledge of the cyber threat landscape, Maintain and constantly enriching knowledge of information security and cyber risks as they develop, Being able to propose and explain appropriate cyber risk counter measures clearly and concisely. Remaining informed and knowledgeable on primary global data protection regulations and legislation. Experience and core skill requirements: 10 years minimum experience in senior InfoSec management roles Extensive previous exposure to FS or FMI industry organisations High performance in problem solving, innovating and critical thinking Excellent written/verbal communication and stakeholder management skills Ability to articulate ideas to both technical and non-technical audiences Must be capable of working pragmatically and efficiently in both a team and alone Able to prioritise workloads efficiently and appropriately with minimal supervision Able to work in fast paced, high-volume workload environment, prioritising accordingly Must Have Security Certifications: CISSP Desirable & Advantageous Certifications: CISSP-ISSAP, CISSP-ISSEP, CISM, CCSP, CCSK, CEH Working knowledge of Security Standards / Frameworks: ISO27K, ISF SOGP, NIST CSF, CIS, CSA STAR, CBEST, TIBER-EU, SOC2 LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions. Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race . click apply for full job details
Jan 21, 2025
Full time
Business Information Security Manager Apply locations London, United Kingdom time type Full time posted on Posted 2 Days Ago job requisition id R The purpose of this role is to assist the Director of Business Information Security (BISO) in all security matters relating to the oversight of Information Security, Cyber Security and Data Privacy within the Regulatory Reporting business line of LSEG's Post Trade division. The successful candidate will be charged with ensuring that the critical business systems and data assets of Regulatory Reporting are adequately protected, and that all related information security and cyber controls remain effective and within risk appetite and/or have appropriate risk treatment plans in place to bring them back into risk appetite. The role will best suit an experienced Information Security Manager with extensive experience gained from having previously operated within Senior Management level InfoSec/Cyber roles within the FS or FMI industries. The successful candidate must be a subject matter expert in Information Security, as the role demands a very strong knowledge in all areas of information security and cyber security, as well as in-depth knowledge of legacy, existing, and emerging technologies including cloud and security technologies/controls. In addition to a solid foundational Security Governance Risk and Compliance (Security-GRC) skillset, a prior background in information security engineering, security architecture, and security operations will be advantageous in this role given the various levels of stakeholders as well as the tech/cyber projects that the successful candidate will engage with daily. Key responsibilities include: Assisting in the oversight of Information Security by: Reviewing and assessing the information security and cyber controls that enable Regulatory Reporting to conduct its business in a secure manner, and gap analysis of the same. The oversight of InfoSec/Cyber related control gap/risk remediation activities Monitoring and analysing the information security roadmaps, strategies, programmes, and projects within Regulatory Reporting, and identifying and reporting risks, trends and future opportunities for improvement and enhancement. Proactively engaging and working closely with the technology and cyber teams that are delivering technology and cyber services to the firm. Attending risk and governance meetings to provide updates to the Regulatory Reporting stakeholders from the three lines of defence regarding the delivery and progress of the various strategic cyber initiatives and broader cyber programme within LSEG. Working with colleagues from the three lines of defence to define the current risk posture of Regulatory Reporting and collaborating with those stakeholders to remediate identified risks/issues. Engaging with external third parties who provide services to Regulatory Reporting and working closely with the established internal third-party oversight functions to ensure appropriate and contracted levels of security are met. Establish and maintain a Cyber Risk Profile of Regulatory Reporting in line with other areas of LSEG. Assisting with the establishment and maintenance of a Risk Control Assessment (RCA) that focuses on InfoSec/Cyber risks and associated controls, etc. Maintaining the established key performance and key risk indicators and ensuring that all management information (MI) is an accurate reflection of the current control's estate. Maintaining an accurate set of executive level presentation materials that clearly and accurately present the current state of security control within Regulatory Reporting. Assessing the security architecture solution designs and risk position of projects and initiatives undertaken by Regulatory Reporting and working closely with associated SMEs and design authorities to ensure projects are delivered in compliance with Policies and Standards, and with security design principles considered/implemented as key success deliverables. Engagement with the business to: Develop an understanding of business goals and operational risks Identifying key areas for improvement Support the risk management decision processes and risk forums/committees Assisting with the identification of emerging information and cyber security threats to the business, and the subsequent analysis to realise and oversee risk mitigation plans, Build strong relationships within the business to gain an understanding of security-related business risks. Work closely with governance stakeholders in the 1st, 2nd, and 3rd lines of defence on all matters relating to information security, cyber risk, data privacy, including all regulatory and legislative considerations. Embedding Cyber across the firm by: Working closely with all necessary stakeholders in the business and technology areas to ensure compliance with established LSEG policies, standards, and procedures, etc. Constructively and pragmatically challenging established controls to ensure, recommend, and accommodate continuous improvement. Ensuring Regulatory Reporting stakeholders understand their responsibilities in relation to security risk mitigation and remediation. Monitoring industry information security trends and keeping business leadership informed about information security-related issues and activities potentially affecting the organisation and specific business functions. Security Governance, Technical, and Risk Review: The review and documenting of technologies and security controls across the firm, including areas such as; office spaces, data centres and cloud. Executing and concluding security controls maturity assessments against industry standards such as the NIST Cyber Security Framework, ISO27001/2, SOC2, etc Working closely with stakeholders to review all projects and initiatives, assessing them for appropriate/correct levels of security design and controls. Identification of technology and security risks across the firm and the assessment and appropriate risk scoring and presentation of the same. Produce appropriate risk remediation action plans and ability to present and take ownership of risk treatment proposals and action plans. Review and appropriate response to regulatory and legislative matters Produce and present risks and risk postures / cyber maturity to senior/executive bodies. Able to clearly and precisely present complex cyber risk matters to clients and regulators. Partnering with the different business control functions: Build knowledge of business units by assisting them with their security workloads, agendas, and difficulties. Maintaining a balanced relationship with risk, compliance, legal, human resources, and internal and external audit functions. Knowledge of technology, security, and threat landscapes: Staying abreast of emerging technologies, including all security technologies, Sustaining a deep and in-depth knowledge of the cyber threat landscape, Maintain and constantly enriching knowledge of information security and cyber risks as they develop, Being able to propose and explain appropriate cyber risk counter measures clearly and concisely. Remaining informed and knowledgeable on primary global data protection regulations and legislation. Experience and core skill requirements: 10 years minimum experience in senior InfoSec management roles Extensive previous exposure to FS or FMI industry organisations High performance in problem solving, innovating and critical thinking Excellent written/verbal communication and stakeholder management skills Ability to articulate ideas to both technical and non-technical audiences Must be capable of working pragmatically and efficiently in both a team and alone Able to prioritise workloads efficiently and appropriately with minimal supervision Able to work in fast paced, high-volume workload environment, prioritising accordingly Must Have Security Certifications: CISSP Desirable & Advantageous Certifications: CISSP-ISSAP, CISSP-ISSEP, CISM, CCSP, CCSK, CEH Working knowledge of Security Standards / Frameworks: ISO27K, ISF SOGP, NIST CSF, CIS, CSA STAR, CBEST, TIBER-EU, SOC2 LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions. Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race . click apply for full job details
London Stock Exchange Group
Nottingham, Nottinghamshire
Principal Security Architect Apply for locations: London, United Kingdom; Nottingham, United Kingdom. Time type: Full time Posted on: Posted Yesterday Job requisition id: R Do you want to play a key role in the LSEG Microsoft Partnership and Azure adoption? Do you have a curiosity about Cybersecurity and cloud? If yes, then a role in LSEG's Cloud Security Architecture team may be a perfect fit for you! We are seeking a Principal Cloud Security Architect specializing in Microsoft Azure who will work with solution architects and engineering teams to design, implement, and maintain a secure public cloud environment. The role works closely with other architects, engineers, and site reliability teams to deliver outcomes that align with our ambition for LSEG to be one of the world's great companies! Role responsibilities include: Definition and improvement of LSEG's public cloud security architecture design patterns. Detailed review of each public cloud web service that LSEG wishes to use and documentation of associated minimum security control requirements. Creation and maintenance of cloud security configuration monitoring and auto-remediation signature rules. Assist with security reviews and approvals of Azure policy exemption requests. Assist with Azure configuration compliance reviews with associated risk assessment and documentation of the residual risk position. Act as domain expert for Azure cloud security and respond to questions raised by LSEG teams. Effective collaboration with senior business and security leadership. Delivering cloud security training and education to LSEG teams. Technical experience requirements: 7+ years of growing responsibility in information security analyst, consultancy, or architecture roles. Deep technical knowledge of Microsoft Azure. Hands-on experience with Azure Portal and Azure CLI. Diversity & Inclusion: People are at the heart of what we do and drive the success of our business. Our colleagues thrive personally and professionally through our shared values of Integrity, Partnership, Innovation, and Excellence, which are at the core of our culture. We embrace diversity and actively seek to attract people with unique backgrounds and perspectives. We believe that an inclusive collaborative workplace is pivotal to our success and supports the potential and growth of all colleagues at LSEG. LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence, and Change underpin our purpose and set the standard for everything we do, every day. Working with us means that you will be part of a dynamic organization of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days, and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject. HOW TO APPLY? About Us LSEG (London Stock Exchange Group) is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our organisation Our Data & Analytics, Capital Markets, and Post Trade divisions have a combined power that provides a comprehensive, integrated suite of trusted financial market infrastructure services to help our customers pursue their ambitions. Where we work LSEG is headquartered in the United Kingdom, with significant operations in 70 countries across Europe, the Middle East, Africa, North America, Latin America, and Asia Pacific.
Jan 21, 2025
Full time
Principal Security Architect Apply for locations: London, United Kingdom; Nottingham, United Kingdom. Time type: Full time Posted on: Posted Yesterday Job requisition id: R Do you want to play a key role in the LSEG Microsoft Partnership and Azure adoption? Do you have a curiosity about Cybersecurity and cloud? If yes, then a role in LSEG's Cloud Security Architecture team may be a perfect fit for you! We are seeking a Principal Cloud Security Architect specializing in Microsoft Azure who will work with solution architects and engineering teams to design, implement, and maintain a secure public cloud environment. The role works closely with other architects, engineers, and site reliability teams to deliver outcomes that align with our ambition for LSEG to be one of the world's great companies! Role responsibilities include: Definition and improvement of LSEG's public cloud security architecture design patterns. Detailed review of each public cloud web service that LSEG wishes to use and documentation of associated minimum security control requirements. Creation and maintenance of cloud security configuration monitoring and auto-remediation signature rules. Assist with security reviews and approvals of Azure policy exemption requests. Assist with Azure configuration compliance reviews with associated risk assessment and documentation of the residual risk position. Act as domain expert for Azure cloud security and respond to questions raised by LSEG teams. Effective collaboration with senior business and security leadership. Delivering cloud security training and education to LSEG teams. Technical experience requirements: 7+ years of growing responsibility in information security analyst, consultancy, or architecture roles. Deep technical knowledge of Microsoft Azure. Hands-on experience with Azure Portal and Azure CLI. Diversity & Inclusion: People are at the heart of what we do and drive the success of our business. Our colleagues thrive personally and professionally through our shared values of Integrity, Partnership, Innovation, and Excellence, which are at the core of our culture. We embrace diversity and actively seek to attract people with unique backgrounds and perspectives. We believe that an inclusive collaborative workplace is pivotal to our success and supports the potential and growth of all colleagues at LSEG. LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence, and Change underpin our purpose and set the standard for everything we do, every day. Working with us means that you will be part of a dynamic organization of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days, and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject. HOW TO APPLY? About Us LSEG (London Stock Exchange Group) is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies, and enabling customers to create sustainable growth. Our organisation Our Data & Analytics, Capital Markets, and Post Trade divisions have a combined power that provides a comprehensive, integrated suite of trusted financial market infrastructure services to help our customers pursue their ambitions. Where we work LSEG is headquartered in the United Kingdom, with significant operations in 70 countries across Europe, the Middle East, Africa, North America, Latin America, and Asia Pacific.
INTERNAL AUDIT In Internal Audit, we ensure that Goldman Sachs maintains effective controls by assessing the reliability of financial reports, monitoring the firm's compliance with laws and regulations, and advising management on developing smart control solutions. Our group has unique insight on the financial industry and its products and operations. We're looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firm's operations and control processes. TEAM OVERVIEW Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets, analytical, exercise professional scepticism, and are able to challenge and discuss effectively with management on risks and control measures. We look for individuals who enjoy learning about audit, businesses and functions, have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques, building relationships and are able to evolve and thrive in teamwork and in a fast-paced global environment. Goldman Sachs Internal Audit comprises individuals from diverse backgrounds including chartered accountants, developers, risk management professionals, cybersecurity professionals, and data scientists. We are organized into global teams comprising business and technology auditors to cover all the firm's businesses and functions, including securities, investment banking, consumer and investment management, risk management, finance, cyber-security and technology risk, and engineering. THE ROLE AND RESPONSIBILITIES As the third line of defense, Internal Audit's mission is to independently assess the firm's internal control structure, including the firm's governance processes and controls, and risk management and capital and anti-financial crime frameworks, raise awareness of control risk and monitor the implementation of management's control measures. In doing so, Internal Audit perform the following duties: Communicates and reports on the effectiveness of the firm's governance, risk management and controls that mitigate current and evolving risk Raise awareness of control risk Assesses the firm's control culture and conduct risks Monitors management's implementation of control measures Additional responsibilities include: Develop and maintain an in-depth understanding of business areas, its products, and supporting functions Plan and execute audit testing to ensure audit fieldwork is focused on the right areas and documentation meets high quality standards Identify risks, assess mitigating controls, and make recommendations on improving the control environment Prepare commercially effective audit conclusions and findings, and present to IA senior management and business clients Follow-up on open audit issues and their resolution Participate in department-wide initiatives aimed at continually improving IA's processes and supporting infrastructure SKILLS AND EXPERIENCE REQUIRED 7+ years of experience in a public accounting or internal audit role within the financial services industry or a related control function In-depth technical knowledge of key risks and associated controls within the Wealth Management industry Strong leadership, interpersonal, and relationship management skills Strong verbal and written communication skills Highly motivated with the ability to multi-task and remain organized in a fast-paced environment Relevant certification or industry accreditation (e.g., ACA, ACCA) is a plus
Jan 21, 2025
Full time
INTERNAL AUDIT In Internal Audit, we ensure that Goldman Sachs maintains effective controls by assessing the reliability of financial reports, monitoring the firm's compliance with laws and regulations, and advising management on developing smart control solutions. Our group has unique insight on the financial industry and its products and operations. We're looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firm's operations and control processes. TEAM OVERVIEW Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets, analytical, exercise professional scepticism, and are able to challenge and discuss effectively with management on risks and control measures. We look for individuals who enjoy learning about audit, businesses and functions, have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques, building relationships and are able to evolve and thrive in teamwork and in a fast-paced global environment. Goldman Sachs Internal Audit comprises individuals from diverse backgrounds including chartered accountants, developers, risk management professionals, cybersecurity professionals, and data scientists. We are organized into global teams comprising business and technology auditors to cover all the firm's businesses and functions, including securities, investment banking, consumer and investment management, risk management, finance, cyber-security and technology risk, and engineering. THE ROLE AND RESPONSIBILITIES As the third line of defense, Internal Audit's mission is to independently assess the firm's internal control structure, including the firm's governance processes and controls, and risk management and capital and anti-financial crime frameworks, raise awareness of control risk and monitor the implementation of management's control measures. In doing so, Internal Audit perform the following duties: Communicates and reports on the effectiveness of the firm's governance, risk management and controls that mitigate current and evolving risk Raise awareness of control risk Assesses the firm's control culture and conduct risks Monitors management's implementation of control measures Additional responsibilities include: Develop and maintain an in-depth understanding of business areas, its products, and supporting functions Plan and execute audit testing to ensure audit fieldwork is focused on the right areas and documentation meets high quality standards Identify risks, assess mitigating controls, and make recommendations on improving the control environment Prepare commercially effective audit conclusions and findings, and present to IA senior management and business clients Follow-up on open audit issues and their resolution Participate in department-wide initiatives aimed at continually improving IA's processes and supporting infrastructure SKILLS AND EXPERIENCE REQUIRED 7+ years of experience in a public accounting or internal audit role within the financial services industry or a related control function In-depth technical knowledge of key risks and associated controls within the Wealth Management industry Strong leadership, interpersonal, and relationship management skills Strong verbal and written communication skills Highly motivated with the ability to multi-task and remain organized in a fast-paced environment Relevant certification or industry accreditation (e.g., ACA, ACCA) is a plus
CHIEF INFORMATION SECURITY OFFICER - AEROSPACE AND DEFENSE: Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional-level investors, looking to disrupt and revolutionize a $3 trillion dollar industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements, driven by our new generation benchmark delivering solutions through innovation with uncompromising agility. JOB DESCRIPTION: The oversight requires a sophisticated operating model that allows for a stronger security posture centralized in a Security Operations Center (SOC). This role will oversee global operations with a unified management of API calls, space exploration & navigation, and integrate various tools into our systems of record to view interactions from a holistic risk management perspective. Areas to cover: Incident response and remediation Orchestrating and automating signals Prioritizing cases and incident response Cyber threat intelligence and dark web monitoring Vulnerability management and exposure management Building a resilient cybersecurity culture Introducing new risk management techniques will undergo formal approval by the Change Approval Board (C.A.B). The role will also involve micromanaging cybersecurity engineers, penetration testing engineers, and other security personnel, ensuring compliance with NIST cybersecurity framework and DoD requirements. PHYSICAL DEMANDS: This position requires the ability to communicate and exchange information, utilizing necessary equipment to perform the job. ENVIRONMENT: This position will operate in the organization's regulatory "ROCKET FUEL MISSION INTELLIGENCE DIVISION" focusing on innovation and space exploration. Employees must be legally authorized to work in the UK. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position. QUALIFICATIONS, KEY REQUIREMENTS AND SKILLSET: 20+ years in cybersecurity and digital solutions engineering Proficiency in key generation, key lifecycle management, and risk management GSEC or Offensive Security Certified Professional (OSCP) Certified Information Security Manager (CISM) Certified Authorization Professional (CAP) Certified Network Defender (CND) Information Systems Security Architecture Professional (ISSAP) Health Care Information Security and Privacy Practitioner (HCISPP) GIAC Certified Intrusion Analyst (GCIA) GIAC Security Leadership Certificate (GSLC) Information Systems Security Engineering Professional (ISSEP) Certified Ethical Hacker (CEH) Computer Hacking Forensics Investigator (CHFI) Information Assurance System Architecture and Engineer (IASAE) Certification in one of the listed DoD 8570 Certifications is prerequisite. INTERVIEW PROCESS: STAGE 1: COGNITIVE ABILITY TEST STAGE 2: COGNITIVE ASSESSMENT SCREENING WITH A 30+ YEARS EXPERIENCE PSYCHOLOGIST STAGE 3: PRE-SCREENING (verification checks & DV security clearance) STAGE 4: INTERVIEW WITH CEO & CTO
Jan 21, 2025
Full time
CHIEF INFORMATION SECURITY OFFICER - AEROSPACE AND DEFENSE: Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional-level investors, looking to disrupt and revolutionize a $3 trillion dollar industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements, driven by our new generation benchmark delivering solutions through innovation with uncompromising agility. JOB DESCRIPTION: The oversight requires a sophisticated operating model that allows for a stronger security posture centralized in a Security Operations Center (SOC). This role will oversee global operations with a unified management of API calls, space exploration & navigation, and integrate various tools into our systems of record to view interactions from a holistic risk management perspective. Areas to cover: Incident response and remediation Orchestrating and automating signals Prioritizing cases and incident response Cyber threat intelligence and dark web monitoring Vulnerability management and exposure management Building a resilient cybersecurity culture Introducing new risk management techniques will undergo formal approval by the Change Approval Board (C.A.B). The role will also involve micromanaging cybersecurity engineers, penetration testing engineers, and other security personnel, ensuring compliance with NIST cybersecurity framework and DoD requirements. PHYSICAL DEMANDS: This position requires the ability to communicate and exchange information, utilizing necessary equipment to perform the job. ENVIRONMENT: This position will operate in the organization's regulatory "ROCKET FUEL MISSION INTELLIGENCE DIVISION" focusing on innovation and space exploration. Employees must be legally authorized to work in the UK. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position. QUALIFICATIONS, KEY REQUIREMENTS AND SKILLSET: 20+ years in cybersecurity and digital solutions engineering Proficiency in key generation, key lifecycle management, and risk management GSEC or Offensive Security Certified Professional (OSCP) Certified Information Security Manager (CISM) Certified Authorization Professional (CAP) Certified Network Defender (CND) Information Systems Security Architecture Professional (ISSAP) Health Care Information Security and Privacy Practitioner (HCISPP) GIAC Certified Intrusion Analyst (GCIA) GIAC Security Leadership Certificate (GSLC) Information Systems Security Engineering Professional (ISSEP) Certified Ethical Hacker (CEH) Computer Hacking Forensics Investigator (CHFI) Information Assurance System Architecture and Engineer (IASAE) Certification in one of the listed DoD 8570 Certifications is prerequisite. INTERVIEW PROCESS: STAGE 1: COGNITIVE ABILITY TEST STAGE 2: COGNITIVE ASSESSMENT SCREENING WITH A 30+ YEARS EXPERIENCE PSYCHOLOGIST STAGE 3: PRE-SCREENING (verification checks & DV security clearance) STAGE 4: INTERVIEW WITH CEO & CTO
Broker Systems Engineer Calling all people with Open GI Experience This is a fantastic opportunity to join a growing, thriving company with a huge presence in the insurance space. The role can be based at either the Peterborough, Manchester or Stoke Offices and will involve a mixture of working from home and in the office. Job Purpose: As a Broker Systems Engineer you will analyse, configure, and test common areas of the core Policy administration systems using appropriate processes, methods, and standards. Working in a Scrum agile environment, Broker Systems Engineers perform configuration changes to meet project and change goals. You will be involved in all aspects of the development process, taking responsibility for your own work, and working to ensure the success of the team sprints. Key Responsibilities/Accountabilities: Undertake development/configuration and delivery of systems at a level appropriate to the role. Working alongside other key business functions including Trading, Pricing, Wholesale, Operations, Commercial and Business Optimisation to ensure optimal commercial performance of the platform. Execute unit testing for all development/configuration and contribute to the planning of appropriate testing by the test team. Ensure all production and development / test platforms are robust and secure, with clear auditing of change, in accordance with the Change Management practices. Ensure that the development/configuration of the platforms are consistent and in line to our standards. Provide 3rd line support for existing Policy Administration Systems within Markerstudy Distribution. To produce suitable design proposals for all new development in association with the rest of the scrum team in line with the Product Design Authority process (PDA). Ensure all configuration documents are kept up to date inline with our config change procedure for audit trail purposes. Contribute to best practice in development of the systems and of processes within the scrum team. Provide updates to line management and the team on the progress of work during daily stand-ups and meetings. Ensure compliance to Technology controls in all activities undertaken. To provide input to the analysis process to avoid re-work and re-specification of systems mid-project. To actively support and encourage at all times, compliance with our quality principles, company policies and best practice in security, legal and regulatory requirements. To safeguard information, paying particular attention to customer and employee data and business sensitive information. Skills/Experience needed: Essential Experience of Open GI s Core back office platform. Understanding and experience of the software development life cycle, agile methodology (especially Scrum). Highly motivated / motivational to see success, delivered via their efforts. Good awareness of Incident, Problem and change management. Familiar with Insurance Policy Administration systems. Flexible and able to absorb rapidly new information / change in plans. Knowledge of version control tools for versioning code changes. Desirable Good Knowledge and experience use of HTML, Velocity, CSS and Microsoft applications. Demonstrates a systematic, disciplined, and analytical approach to problem solving. Good formal and informal communications ability both orally and in writing. Capable of assisting other team members. Is performance driven and can motivate others to be the same. Good appreciation of the wider field of Technology. Able to adapt to change well. Good awareness of Cyber / Information / Data Security risks and the potential impact of these to the business. Use of issue management tools such as Jira, Service Now and confluence etc. Benefits Starting with 25 days annual leave (plus bank holidays) Opportunity for a yearly bonus Life Assurance 2x annual salary Collaborative, fast paced working environment Hybrid Working Modern, vibrant offices If you are interested, please apply with your up-to-date CV or email (url removed) for more information.
Jan 21, 2025
Full time
Broker Systems Engineer Calling all people with Open GI Experience This is a fantastic opportunity to join a growing, thriving company with a huge presence in the insurance space. The role can be based at either the Peterborough, Manchester or Stoke Offices and will involve a mixture of working from home and in the office. Job Purpose: As a Broker Systems Engineer you will analyse, configure, and test common areas of the core Policy administration systems using appropriate processes, methods, and standards. Working in a Scrum agile environment, Broker Systems Engineers perform configuration changes to meet project and change goals. You will be involved in all aspects of the development process, taking responsibility for your own work, and working to ensure the success of the team sprints. Key Responsibilities/Accountabilities: Undertake development/configuration and delivery of systems at a level appropriate to the role. Working alongside other key business functions including Trading, Pricing, Wholesale, Operations, Commercial and Business Optimisation to ensure optimal commercial performance of the platform. Execute unit testing for all development/configuration and contribute to the planning of appropriate testing by the test team. Ensure all production and development / test platforms are robust and secure, with clear auditing of change, in accordance with the Change Management practices. Ensure that the development/configuration of the platforms are consistent and in line to our standards. Provide 3rd line support for existing Policy Administration Systems within Markerstudy Distribution. To produce suitable design proposals for all new development in association with the rest of the scrum team in line with the Product Design Authority process (PDA). Ensure all configuration documents are kept up to date inline with our config change procedure for audit trail purposes. Contribute to best practice in development of the systems and of processes within the scrum team. Provide updates to line management and the team on the progress of work during daily stand-ups and meetings. Ensure compliance to Technology controls in all activities undertaken. To provide input to the analysis process to avoid re-work and re-specification of systems mid-project. To actively support and encourage at all times, compliance with our quality principles, company policies and best practice in security, legal and regulatory requirements. To safeguard information, paying particular attention to customer and employee data and business sensitive information. Skills/Experience needed: Essential Experience of Open GI s Core back office platform. Understanding and experience of the software development life cycle, agile methodology (especially Scrum). Highly motivated / motivational to see success, delivered via their efforts. Good awareness of Incident, Problem and change management. Familiar with Insurance Policy Administration systems. Flexible and able to absorb rapidly new information / change in plans. Knowledge of version control tools for versioning code changes. Desirable Good Knowledge and experience use of HTML, Velocity, CSS and Microsoft applications. Demonstrates a systematic, disciplined, and analytical approach to problem solving. Good formal and informal communications ability both orally and in writing. Capable of assisting other team members. Is performance driven and can motivate others to be the same. Good appreciation of the wider field of Technology. Able to adapt to change well. Good awareness of Cyber / Information / Data Security risks and the potential impact of these to the business. Use of issue management tools such as Jira, Service Now and confluence etc. Benefits Starting with 25 days annual leave (plus bank holidays) Opportunity for a yearly bonus Life Assurance 2x annual salary Collaborative, fast paced working environment Hybrid Working Modern, vibrant offices If you are interested, please apply with your up-to-date CV or email (url removed) for more information.
Information Security Engineer - Development and Automation - UK, Remote Optum is a global organisation that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. About the Role: As a Fortune 5 business, we're one of the world's leading healthcare companies. There are no limits here on the resources you'll have or the challenges you'll encounter. We have been supporting global healthcare systems from Ireland and the UK for more than 20 years, building a dynamic and diverse team of more than 2,100 talented individuals. With a continued record of growth and stability, we're on the constant lookout for fresh talent to join our expanding teams. healthcare system works better for everyone. As an Information Security Engineer with a focus on development and automation, you will serve as the engineering backbone of the Incident Response team. Your expertise in development and automation will play a critical role in enhancing security operations and incident response capabilities. Primary Roles & Responsibilities of an Information Security Engineer - Development and Automation: Utilize development and automation tools to identify, escalate, and respond to cybersecurity events and incidents Develop and implement automated processes for containment and remediation of affected assets, IOCs, and TTPs Design and maintain automated workflows for efficient and effective security incident response Collaborate with cross-functional teams to automate security-related tasks and processes, enhancing overall efficiency and accuracy Leverage automation frameworks and scripting languages to streamline security operations and improve incident handling capabilities Produce detailed incident reports and security recommendations using automated reporting and analysis tools Hold stakeholders accountable for implementing automated remediation actions and monitor their effectiveness Provide training and guidance on leveraging automation tools for streamlined incident response and remediation processes Foster strong relationships with technical personnel from various disciplines to drive automation initiatives and promote best practices Act as a subject matter expert in automation technologies and tools for cybersecurity incident response Identify opportunities for process automation and develop solutions to increase efficiency and effectiveness in security operations Monitor and evaluate the effectiveness of automated security controls, recommending improvements based on industry best practices and emerging threats Stay up-to-date with the latest developments in automation and security technologies, proactively identifying opportunities for improvement and innovation in incident response and automation processes Required Qualifications of an Information Security Engineer - Development and Automation: Undergraduate degree or equivalent experience Strong programming Skills in Python Proven experience in IT Security or Cyber Security, with a focus on development and automation in one or more of the following areas: o Incident Response o Email Security o Data Protection/Governance o Cybersecurity threat detection, monitoring, and reporting o Cyber Intelligence and Threat Hunting o Vulnerability Management Experience in google security operations Experience analyzing attack vectors, current threats, and security remediation strategies Strong understanding of networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture Please note you must currently be eligible to work and remain indefinitely without any restrictions in the country to which you are making an application. Proof will be required to support your application. All telecommuters will be required to adhere to the UnitedHealth Group's Telecommuter Policy. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalised groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation, or any other characteristic protected by law. UnitedHealth Group is a drug-free workplace. 2024 UnitedHealth Group. All rights reserved.
Jan 21, 2025
Full time
Information Security Engineer - Development and Automation - UK, Remote Optum is a global organisation that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. About the Role: As a Fortune 5 business, we're one of the world's leading healthcare companies. There are no limits here on the resources you'll have or the challenges you'll encounter. We have been supporting global healthcare systems from Ireland and the UK for more than 20 years, building a dynamic and diverse team of more than 2,100 talented individuals. With a continued record of growth and stability, we're on the constant lookout for fresh talent to join our expanding teams. healthcare system works better for everyone. As an Information Security Engineer with a focus on development and automation, you will serve as the engineering backbone of the Incident Response team. Your expertise in development and automation will play a critical role in enhancing security operations and incident response capabilities. Primary Roles & Responsibilities of an Information Security Engineer - Development and Automation: Utilize development and automation tools to identify, escalate, and respond to cybersecurity events and incidents Develop and implement automated processes for containment and remediation of affected assets, IOCs, and TTPs Design and maintain automated workflows for efficient and effective security incident response Collaborate with cross-functional teams to automate security-related tasks and processes, enhancing overall efficiency and accuracy Leverage automation frameworks and scripting languages to streamline security operations and improve incident handling capabilities Produce detailed incident reports and security recommendations using automated reporting and analysis tools Hold stakeholders accountable for implementing automated remediation actions and monitor their effectiveness Provide training and guidance on leveraging automation tools for streamlined incident response and remediation processes Foster strong relationships with technical personnel from various disciplines to drive automation initiatives and promote best practices Act as a subject matter expert in automation technologies and tools for cybersecurity incident response Identify opportunities for process automation and develop solutions to increase efficiency and effectiveness in security operations Monitor and evaluate the effectiveness of automated security controls, recommending improvements based on industry best practices and emerging threats Stay up-to-date with the latest developments in automation and security technologies, proactively identifying opportunities for improvement and innovation in incident response and automation processes Required Qualifications of an Information Security Engineer - Development and Automation: Undergraduate degree or equivalent experience Strong programming Skills in Python Proven experience in IT Security or Cyber Security, with a focus on development and automation in one or more of the following areas: o Incident Response o Email Security o Data Protection/Governance o Cybersecurity threat detection, monitoring, and reporting o Cyber Intelligence and Threat Hunting o Vulnerability Management Experience in google security operations Experience analyzing attack vectors, current threats, and security remediation strategies Strong understanding of networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture Please note you must currently be eligible to work and remain indefinitely without any restrictions in the country to which you are making an application. Proof will be required to support your application. All telecommuters will be required to adhere to the UnitedHealth Group's Telecommuter Policy. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalised groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation, or any other characteristic protected by law. UnitedHealth Group is a drug-free workplace. 2024 UnitedHealth Group. All rights reserved.
Information Security Engineer - Development and Automation - UK, Remote Optum is a global organisation that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. About the Role: As a Fortune 5 business, we're one of the world's leading healthcare companies. There are no limits here on the resources you'll have or the challenges you'll encounter. We have been supporting global healthcare systems from Ireland and the UK for more than 20 years, building a dynamic and diverse team of more than 2,100 talented individuals. With a continued record of growth and stability, we're on the constant lookout for fresh talent to join our expanding teams. healthcare system works better for everyone. As an Information Security Engineer with a focus on development and automation, you will serve as the engineering backbone of the Incident Response team. Your expertise in development and automation will play a critical role in enhancing security operations and incident response capabilities. Primary Roles & Responsibilities of an Information Security Engineer - Development and Automation: Utilize development and automation tools to identify, escalate, and respond to cybersecurity events and incidents Develop and implement automated processes for containment and remediation of affected assets, IOCs, and TTPs Design and maintain automated workflows for efficient and effective security incident response Collaborate with cross-functional teams to automate security-related tasks and processes, enhancing overall efficiency and accuracy Leverage automation frameworks and scripting languages to streamline security operations and improve incident handling capabilities Produce detailed incident reports and security recommendations using automated reporting and analysis tools Hold stakeholders accountable for implementing automated remediation actions and monitor their effectiveness Provide training and guidance on leveraging automation tools for streamlined incident response and remediation processes Foster strong relationships with technical personnel from various disciplines to drive automation initiatives and promote best practices Act as a subject matter expert in automation technologies and tools for cybersecurity incident response Identify opportunities for process automation and develop solutions to increase efficiency and effectiveness in security operations Monitor and evaluate the effectiveness of automated security controls, recommending improvements based on industry best practices and emerging threats Stay up-to-date with the latest developments in automation and security technologies, proactively identifying opportunities for improvement and innovation in incident response and automation processes Required Qualifications of an Information Security Engineer - Development and Automation: Undergraduate degree or equivalent experience Strong programming Skills in Python Proven experience in IT Security or Cyber Security, with a focus on development and automation in one or more of the following areas: o Incident Response o Email Security o Data Protection/Governance o Cybersecurity threat detection, monitoring, and reporting o Cyber Intelligence and Threat Hunting o Vulnerability Management Experience in google security operations Experience analyzing attack vectors, current threats, and security remediation strategies Strong understanding of networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture Please note you must currently be eligible to work and remain indefinitely without any restrictions in the country to which you are making an application. Proof will be required to support your application. All telecommuters will be required to adhere to the UnitedHealth Group's Telecommuter Policy. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalised groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation, or any other characteristic protected by law. UnitedHealth Group is a drug-free workplace. 2024 UnitedHealth Group. All rights reserved.
Jan 21, 2025
Full time
Information Security Engineer - Development and Automation - UK, Remote Optum is a global organisation that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. About the Role: As a Fortune 5 business, we're one of the world's leading healthcare companies. There are no limits here on the resources you'll have or the challenges you'll encounter. We have been supporting global healthcare systems from Ireland and the UK for more than 20 years, building a dynamic and diverse team of more than 2,100 talented individuals. With a continued record of growth and stability, we're on the constant lookout for fresh talent to join our expanding teams. healthcare system works better for everyone. As an Information Security Engineer with a focus on development and automation, you will serve as the engineering backbone of the Incident Response team. Your expertise in development and automation will play a critical role in enhancing security operations and incident response capabilities. Primary Roles & Responsibilities of an Information Security Engineer - Development and Automation: Utilize development and automation tools to identify, escalate, and respond to cybersecurity events and incidents Develop and implement automated processes for containment and remediation of affected assets, IOCs, and TTPs Design and maintain automated workflows for efficient and effective security incident response Collaborate with cross-functional teams to automate security-related tasks and processes, enhancing overall efficiency and accuracy Leverage automation frameworks and scripting languages to streamline security operations and improve incident handling capabilities Produce detailed incident reports and security recommendations using automated reporting and analysis tools Hold stakeholders accountable for implementing automated remediation actions and monitor their effectiveness Provide training and guidance on leveraging automation tools for streamlined incident response and remediation processes Foster strong relationships with technical personnel from various disciplines to drive automation initiatives and promote best practices Act as a subject matter expert in automation technologies and tools for cybersecurity incident response Identify opportunities for process automation and develop solutions to increase efficiency and effectiveness in security operations Monitor and evaluate the effectiveness of automated security controls, recommending improvements based on industry best practices and emerging threats Stay up-to-date with the latest developments in automation and security technologies, proactively identifying opportunities for improvement and innovation in incident response and automation processes Required Qualifications of an Information Security Engineer - Development and Automation: Undergraduate degree or equivalent experience Strong programming Skills in Python Proven experience in IT Security or Cyber Security, with a focus on development and automation in one or more of the following areas: o Incident Response o Email Security o Data Protection/Governance o Cybersecurity threat detection, monitoring, and reporting o Cyber Intelligence and Threat Hunting o Vulnerability Management Experience in google security operations Experience analyzing attack vectors, current threats, and security remediation strategies Strong understanding of networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture Please note you must currently be eligible to work and remain indefinitely without any restrictions in the country to which you are making an application. Proof will be required to support your application. All telecommuters will be required to adhere to the UnitedHealth Group's Telecommuter Policy. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalised groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation, or any other characteristic protected by law. UnitedHealth Group is a drug-free workplace. 2024 UnitedHealth Group. All rights reserved.
Senior Broker Systems Engineer Calling all people with Open GI Experience This is a fantastic opportunity to join a growing, thriving company with a huge presence in the insurance space. The role can be based at either the Peterborough, Manchester or Stoke Offices and will involve a mixture of working from home and in the office. Role Purpose: As a Senior Broker Systems Engineer you are responsible for the efficiency and effectiveness of development/configuration and through the delivery processes. Working within squads you will play a key role in setting an example by ensure quality solutions and positive mindset. Role Responsibilities: Undertake development/configuration and delivery of systems at a level appropriate to the role. Specifically focused on the Open GI Core Platform and associated products. Use Open GI frame calculation functions to implement business and regulatory changes into the Open GI Core system, ensuring the best journey for clients and staff. Working alongside other key business functions including Trading, Pricing, Wholesale, Operations, Commercial and Business Optimisation to ensure optimal commercial performance of the platform. Execute unit testing for all development/configuration and contribute to the planning of appropriate testing by the test team. Ensure all production and development / test platforms are robust and secure, with clear auditing of change, in accordance with the Change Management practises. Support the Scrum team in the successful planning and delivery of sprints. Coaching/mentoring Junior and Broker Systems Engineers to ensure the appropriate standards are met within squad working. Create training plans to fit the needs of Broker Systems professionals to enhance knowledge and Skill. Provide 3rd line support for existing Policy Administration Systems within Atlanta. To produce suitable design proposals for all new development in association with the rest of the scrum team in line with the Product Design Authority process (PDA). Ensure all configuration documents are kept up to date inline with our config change procedure for audit trail purposes. Work with Head of Broker Systems, Broker Systems Consultant and Principal Broker Systems Engineers on the delivery of work set as part of the overall strategy for Broker Systems. Deliver new configuration components, documents to the agreed levels of quality and in the agreed timescales to ensure project and other change success. To provide reliable estimates of the effort required to develop new systems and functionality. Follow best practise in development and unit testing of configuration and documents builds to ensure minimal defect count in both None prod and Prod environments. To provide input to the analysis process to avoid re-work and re-specification of systems mid-project. Skills and Experience Required: Essential Experience of the Open GI Core back-office systems. Experience of Open GI enhanced calculation functions including Core toolkit and Scheme Toolkit. Understanding and experience of the software development life cycle, agile methodology (especially Scrum). Good Knowledge and experience use of HTML, Velocity, CSS and Microsoft applications. Strong knowledge and experience of technical configuration of a policy administration system(s). A passion for quality and a continuous improvement mindset. Good experience to develop and mentor Broker System professionals. Good awareness of Incident, Problem and change management. Desirable Demonstrates a systematic, disciplined, and analytical approach to problem solving. Good awareness of Cyber / Information / Data Security risks and the potential impact of these to the business. Use of issue management tools such as Jira, Service Now and confluence etc. Experience managing 3rd party suppliers. Benefits Starting with 25 days annual leave (plus bank holidays) Opportunity for a yearly bonus Life Assurance 2x annual salary Collaborative, fast paced working environment Hybrid Working Modern, vibrant offices If you are interested, please apply with your up-to-date CV or email (url removed) for more information.
Jan 21, 2025
Full time
Senior Broker Systems Engineer Calling all people with Open GI Experience This is a fantastic opportunity to join a growing, thriving company with a huge presence in the insurance space. The role can be based at either the Peterborough, Manchester or Stoke Offices and will involve a mixture of working from home and in the office. Role Purpose: As a Senior Broker Systems Engineer you are responsible for the efficiency and effectiveness of development/configuration and through the delivery processes. Working within squads you will play a key role in setting an example by ensure quality solutions and positive mindset. Role Responsibilities: Undertake development/configuration and delivery of systems at a level appropriate to the role. Specifically focused on the Open GI Core Platform and associated products. Use Open GI frame calculation functions to implement business and regulatory changes into the Open GI Core system, ensuring the best journey for clients and staff. Working alongside other key business functions including Trading, Pricing, Wholesale, Operations, Commercial and Business Optimisation to ensure optimal commercial performance of the platform. Execute unit testing for all development/configuration and contribute to the planning of appropriate testing by the test team. Ensure all production and development / test platforms are robust and secure, with clear auditing of change, in accordance with the Change Management practises. Support the Scrum team in the successful planning and delivery of sprints. Coaching/mentoring Junior and Broker Systems Engineers to ensure the appropriate standards are met within squad working. Create training plans to fit the needs of Broker Systems professionals to enhance knowledge and Skill. Provide 3rd line support for existing Policy Administration Systems within Atlanta. To produce suitable design proposals for all new development in association with the rest of the scrum team in line with the Product Design Authority process (PDA). Ensure all configuration documents are kept up to date inline with our config change procedure for audit trail purposes. Work with Head of Broker Systems, Broker Systems Consultant and Principal Broker Systems Engineers on the delivery of work set as part of the overall strategy for Broker Systems. Deliver new configuration components, documents to the agreed levels of quality and in the agreed timescales to ensure project and other change success. To provide reliable estimates of the effort required to develop new systems and functionality. Follow best practise in development and unit testing of configuration and documents builds to ensure minimal defect count in both None prod and Prod environments. To provide input to the analysis process to avoid re-work and re-specification of systems mid-project. Skills and Experience Required: Essential Experience of the Open GI Core back-office systems. Experience of Open GI enhanced calculation functions including Core toolkit and Scheme Toolkit. Understanding and experience of the software development life cycle, agile methodology (especially Scrum). Good Knowledge and experience use of HTML, Velocity, CSS and Microsoft applications. Strong knowledge and experience of technical configuration of a policy administration system(s). A passion for quality and a continuous improvement mindset. Good experience to develop and mentor Broker System professionals. Good awareness of Incident, Problem and change management. Desirable Demonstrates a systematic, disciplined, and analytical approach to problem solving. Good awareness of Cyber / Information / Data Security risks and the potential impact of these to the business. Use of issue management tools such as Jira, Service Now and confluence etc. Experience managing 3rd party suppliers. Benefits Starting with 25 days annual leave (plus bank holidays) Opportunity for a yearly bonus Life Assurance 2x annual salary Collaborative, fast paced working environment Hybrid Working Modern, vibrant offices If you are interested, please apply with your up-to-date CV or email (url removed) for more information.
Forter is looking for a Senior SOC Engineer to enhance our security operations and ensure robust protection against sophisticated threats. This role is crucial for maintaining our Security Operations as a high-performing and resilient hub that can quickly adapt to emerging security challenges in the fintech industry. You will take the lead in refining our SOC capabilities by monitoring network traffic, analyzing security incidents, managing security tools, automating processes, and providing expertise to SOC analysts, without having direct management responsibilities. The Senior SOC Engineer collaborates with cross-functional teams to build defenses, respond to incidents, and design strategies for robust cybersecurity posture. Why should you join us? At Forter, you'll play a critical role in defending against sophisticated threats in a high-stakes fintech environment. As a Senior SOC Engineer, you will: Shape the Future of Security : Lead initiatives to enhance our SOC capabilities, using cutting-edge technologies and automation tools to protect against advanced threats in real-time. Make an Outsized Impact : Your work will directly influence Forter's ability to safeguard millions of transactions for major clients like Nordstrom, Priceline, and ASOS, enhancing customer trust and revenue growth. Work with a Talented Team : Collaborate with industry-leading experts in cloud security, fraud prevention, and data analytics. Forter is driven by a culture of excellence, continuous learning, and innovation. Access to Leading-Edge Tools : You will have the freedom to experiment with the latest SIEM, SOAR, EDR, and cloud-native security technologies, empowering you to stay at the forefront of cybersecurity practices. This is more than just a job; it's an opportunity to grow your expertise in a dynamic, supportive environment while making a tangible impact on the digital commerce industry. What you will be doing: Security Engineering & Automation : Oversee the deployment, configuration, and tuning of SOC related security tools to enhance detection accuracy, reduce false positives, and manage end-to-end EDR operations. Drive improvements in SOC workflows, automating enrichment processes, and developing playbooks for more efficient alert handling. Security Monitoring & Threat Detection : Continuously monitor security alerts, events, and IoCs across all platforms. You'll build and deploy queries and scripts, and create dashboards and workflows to enhance visibility and reporting. Proactive Threat Hunting : Develop and implement threat hunting procedures to proactively identify potential risks and vulnerabilities before they escalate. Cloud Security Monitoring : Analyze and manage AWS security logs through the SIEM, while also engaging directly with AWS security services and CSPM responsible team for proactive defense and monitoring in the cloud environment. Incident Response : Enhance the IRP and coordinate with the SOC team and cross-functional teams during the incident response lifecycle, focusing on containment, eradication, recovery, and post-incident analysis. Vendor Coordination : Collaborate with third-party vendors as needed for managed security services and specialized tools. Mentorship : Mentor junior security team members, providing guidance on incident handling and security best practices. What you'll need? Experience : Minimum of 5+ years in SOC or incident response roles, with hands-on experience in threat detection and mitigation. Technical Skills : Strong capability in threat detection, incident response, and analysis of complex attack patterns, with a focus on the AWS environment. Skilled in writing SIEM queries, alerts, and dashboards. End-to-End Investigations & Network Protocols : Extensive experience with end-to-end investigations, handling security incidents, and deep knowledge of security network protocols, along with familiarity with the OWASP Top 10 vulnerabilities. EDR Expertise : Hands-on experience managing EDR tools, including end-to-end operations from deployment and configuration to analysis and response. Scripting & Automation : Knowledge of scripting languages such as Python, SQL, or Bash to automate SOC workflows. Core Skills : Strong problem-solving, organizational, and analytical skills, with attention to detail and a security-first approach to translating complex issues into solutions. Excellent communication skills for effective collaboration and reporting. Continuous learning mindset with an eagerness to stay updated on cybersecurity trends. It'd be cool if you also: NOT A MUST Familiar with industry frameworks (ISO 27001, PCI-DSS, SOC2, NIST, etc.) and regulatory requirements. Have one or more certifications: GCIH, GIAC, CSA, CompTIA CySA+, or other relevant certifications. About us: Digital commerce is built on trust. At every point along the eCommerce journey, businesses must make a critical decision: Can I trust this customer? Answering this simple question accurately and instantly is powerful-it can accelerate revenue growth and strengthen a company's connection with its customers. How do we do it? Forter was founded on the insight that it's not about what is being purchased, nor where-but who is behind the interaction. The Forter Decision Engine finds patterns across more than one billion identities in our dataset. We isolate fraudsters and protect customers-ensuring everyone gets the experience they deserve. Given that trust is central to how we operate, Forter is very much driven by a defined set of values. We attract remarkable talent and have retention and engagement levels that are well above benchmarks. We're meticulous about strengthening our culture as we grow and ensuring this is an environment where people can have outsized impact. Trust is backed by data - Forter is a recipient of over 10 workplace and innovation awards, including: Great Place to Work Certification (2021, 2022, 2023) Fintech Breakthrough Awards - Best Fraud Prevention Platform (2023) Life as a Forterian: We are a team of over 500 Forterians spread across 3 different continents. Since 2013, we've raised $525 million from investors such as Tiger Global, Bessemer, Sequoia Capital, March Capital and Salesforce Ventures. We're on a mission to bring trust to global digital commerce so that companies like Nordstrom, Priceline, Instacart and ASOS can block fraud, drive revenue and improve customer experience. At Forter, we believe unique people create unique ideas, and valuable experience comes in many forms. So, even if your background doesn't match everything we have listed in the job description, we still encourage you to apply and tell us why your skills and values could be an asset to us. By welcoming different perspectives, we grow together as humans and as a company. Forter is an Equal Employment Opportunity employer that will consider all qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law. If you need assistance or an accommodation due to a disability, please email us at . This information will be treated as confidential and used only for the purpose of determining an appropriate accommodation for the interview process.
Jan 20, 2025
Full time
Forter is looking for a Senior SOC Engineer to enhance our security operations and ensure robust protection against sophisticated threats. This role is crucial for maintaining our Security Operations as a high-performing and resilient hub that can quickly adapt to emerging security challenges in the fintech industry. You will take the lead in refining our SOC capabilities by monitoring network traffic, analyzing security incidents, managing security tools, automating processes, and providing expertise to SOC analysts, without having direct management responsibilities. The Senior SOC Engineer collaborates with cross-functional teams to build defenses, respond to incidents, and design strategies for robust cybersecurity posture. Why should you join us? At Forter, you'll play a critical role in defending against sophisticated threats in a high-stakes fintech environment. As a Senior SOC Engineer, you will: Shape the Future of Security : Lead initiatives to enhance our SOC capabilities, using cutting-edge technologies and automation tools to protect against advanced threats in real-time. Make an Outsized Impact : Your work will directly influence Forter's ability to safeguard millions of transactions for major clients like Nordstrom, Priceline, and ASOS, enhancing customer trust and revenue growth. Work with a Talented Team : Collaborate with industry-leading experts in cloud security, fraud prevention, and data analytics. Forter is driven by a culture of excellence, continuous learning, and innovation. Access to Leading-Edge Tools : You will have the freedom to experiment with the latest SIEM, SOAR, EDR, and cloud-native security technologies, empowering you to stay at the forefront of cybersecurity practices. This is more than just a job; it's an opportunity to grow your expertise in a dynamic, supportive environment while making a tangible impact on the digital commerce industry. What you will be doing: Security Engineering & Automation : Oversee the deployment, configuration, and tuning of SOC related security tools to enhance detection accuracy, reduce false positives, and manage end-to-end EDR operations. Drive improvements in SOC workflows, automating enrichment processes, and developing playbooks for more efficient alert handling. Security Monitoring & Threat Detection : Continuously monitor security alerts, events, and IoCs across all platforms. You'll build and deploy queries and scripts, and create dashboards and workflows to enhance visibility and reporting. Proactive Threat Hunting : Develop and implement threat hunting procedures to proactively identify potential risks and vulnerabilities before they escalate. Cloud Security Monitoring : Analyze and manage AWS security logs through the SIEM, while also engaging directly with AWS security services and CSPM responsible team for proactive defense and monitoring in the cloud environment. Incident Response : Enhance the IRP and coordinate with the SOC team and cross-functional teams during the incident response lifecycle, focusing on containment, eradication, recovery, and post-incident analysis. Vendor Coordination : Collaborate with third-party vendors as needed for managed security services and specialized tools. Mentorship : Mentor junior security team members, providing guidance on incident handling and security best practices. What you'll need? Experience : Minimum of 5+ years in SOC or incident response roles, with hands-on experience in threat detection and mitigation. Technical Skills : Strong capability in threat detection, incident response, and analysis of complex attack patterns, with a focus on the AWS environment. Skilled in writing SIEM queries, alerts, and dashboards. End-to-End Investigations & Network Protocols : Extensive experience with end-to-end investigations, handling security incidents, and deep knowledge of security network protocols, along with familiarity with the OWASP Top 10 vulnerabilities. EDR Expertise : Hands-on experience managing EDR tools, including end-to-end operations from deployment and configuration to analysis and response. Scripting & Automation : Knowledge of scripting languages such as Python, SQL, or Bash to automate SOC workflows. Core Skills : Strong problem-solving, organizational, and analytical skills, with attention to detail and a security-first approach to translating complex issues into solutions. Excellent communication skills for effective collaboration and reporting. Continuous learning mindset with an eagerness to stay updated on cybersecurity trends. It'd be cool if you also: NOT A MUST Familiar with industry frameworks (ISO 27001, PCI-DSS, SOC2, NIST, etc.) and regulatory requirements. Have one or more certifications: GCIH, GIAC, CSA, CompTIA CySA+, or other relevant certifications. About us: Digital commerce is built on trust. At every point along the eCommerce journey, businesses must make a critical decision: Can I trust this customer? Answering this simple question accurately and instantly is powerful-it can accelerate revenue growth and strengthen a company's connection with its customers. How do we do it? Forter was founded on the insight that it's not about what is being purchased, nor where-but who is behind the interaction. The Forter Decision Engine finds patterns across more than one billion identities in our dataset. We isolate fraudsters and protect customers-ensuring everyone gets the experience they deserve. Given that trust is central to how we operate, Forter is very much driven by a defined set of values. We attract remarkable talent and have retention and engagement levels that are well above benchmarks. We're meticulous about strengthening our culture as we grow and ensuring this is an environment where people can have outsized impact. Trust is backed by data - Forter is a recipient of over 10 workplace and innovation awards, including: Great Place to Work Certification (2021, 2022, 2023) Fintech Breakthrough Awards - Best Fraud Prevention Platform (2023) Life as a Forterian: We are a team of over 500 Forterians spread across 3 different continents. Since 2013, we've raised $525 million from investors such as Tiger Global, Bessemer, Sequoia Capital, March Capital and Salesforce Ventures. We're on a mission to bring trust to global digital commerce so that companies like Nordstrom, Priceline, Instacart and ASOS can block fraud, drive revenue and improve customer experience. At Forter, we believe unique people create unique ideas, and valuable experience comes in many forms. So, even if your background doesn't match everything we have listed in the job description, we still encourage you to apply and tell us why your skills and values could be an asset to us. By welcoming different perspectives, we grow together as humans and as a company. Forter is an Equal Employment Opportunity employer that will consider all qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law. If you need assistance or an accommodation due to a disability, please email us at . This information will be treated as confidential and used only for the purpose of determining an appropriate accommodation for the interview process.
Here at and Jet2holdidays , we're seeking an experienced Security Architect to protect critical business operations, safeguard sensitive data, and ensure secure system designs. You'll lead on technical security assurance, support incident management, mentor junior staff, and deputise for the Head of Cyber Security. This plays a key role in driving secure and resilient business outcomes. As our Security Architect , you'll have access to a wide range of benefits including: Manager bonus Hybrid working (we're in the office 2 days per week) Colleague discounts on and Jet2holidays flights At and Jet2holidays we're working together to deliver an amazing journey, literally! We work together to really drive forward a 'Customer First' ethos, creating unforgettable package holidays and flights. We couldn't do it without our wonderful people. What you'll be doing: Security Architecture Provide and maintain security architecture principles, standards, libraries, baseline configurations, policies and other artifacts for general and specific IT systems. Provide technical security assurance to internal IT system change governance boards. Validate IT infrastructure, applications and data reference architectures for security best practice and recommend changes to enhance security and reduce risk. Monitor, evaluate and continuously improve the security architecture capability. Capability Development Manage demand, tasks, workloads and output of the security architect capability. Provide data and metrics to measure security architecture effectiveness and impact. Support capability development, professional development and succession planning. What you'll have: Experience and Education Experience of cyber security engineering, design and governance. Industry IT and architecture qualifications, including CCNA, TOGAF, Azure, AWS, GCP etc. Architectural knowledge of applications, databases, operating systems, hypervisors, IP networks, storage area networks, containers/Kubernetes, Active Directory, endpoints, public cloud, development, APIs etc. Knowledge of frameworks including NIST, CIS, OWASP, PCI DSS, SWIFT, GDPR, NIS2 and CAA CAF. Skills and Behaviours Able to provide a 'path to yes', using data for transparent risk management decisions. Able and willing to develop own skills in IT, architecture, security, business acumen or leadership. Able to stay current with latest regulatory, IT, architecture and security developments. Is a change agent, able to leverage tooling, able to work in new efficient ways and continuously improve. Able to work in a fast-paced complex environment, working to deadlines while under pressure. Join us as we redefine travel experiences and create memories for millions of passengers. At and Jet2holidays , your potential has no limits. Apply today and let your career take flight!
Jan 20, 2025
Full time
Here at and Jet2holdidays , we're seeking an experienced Security Architect to protect critical business operations, safeguard sensitive data, and ensure secure system designs. You'll lead on technical security assurance, support incident management, mentor junior staff, and deputise for the Head of Cyber Security. This plays a key role in driving secure and resilient business outcomes. As our Security Architect , you'll have access to a wide range of benefits including: Manager bonus Hybrid working (we're in the office 2 days per week) Colleague discounts on and Jet2holidays flights At and Jet2holidays we're working together to deliver an amazing journey, literally! We work together to really drive forward a 'Customer First' ethos, creating unforgettable package holidays and flights. We couldn't do it without our wonderful people. What you'll be doing: Security Architecture Provide and maintain security architecture principles, standards, libraries, baseline configurations, policies and other artifacts for general and specific IT systems. Provide technical security assurance to internal IT system change governance boards. Validate IT infrastructure, applications and data reference architectures for security best practice and recommend changes to enhance security and reduce risk. Monitor, evaluate and continuously improve the security architecture capability. Capability Development Manage demand, tasks, workloads and output of the security architect capability. Provide data and metrics to measure security architecture effectiveness and impact. Support capability development, professional development and succession planning. What you'll have: Experience and Education Experience of cyber security engineering, design and governance. Industry IT and architecture qualifications, including CCNA, TOGAF, Azure, AWS, GCP etc. Architectural knowledge of applications, databases, operating systems, hypervisors, IP networks, storage area networks, containers/Kubernetes, Active Directory, endpoints, public cloud, development, APIs etc. Knowledge of frameworks including NIST, CIS, OWASP, PCI DSS, SWIFT, GDPR, NIS2 and CAA CAF. Skills and Behaviours Able to provide a 'path to yes', using data for transparent risk management decisions. Able and willing to develop own skills in IT, architecture, security, business acumen or leadership. Able to stay current with latest regulatory, IT, architecture and security developments. Is a change agent, able to leverage tooling, able to work in new efficient ways and continuously improve. Able to work in a fast-paced complex environment, working to deadlines while under pressure. Join us as we redefine travel experiences and create memories for millions of passengers. At and Jet2holidays , your potential has no limits. Apply today and let your career take flight!
Salary - £50,000 Full time, Permanent Package Description Up to 15% discretionary annual bonus 11% pension contribution (3% from you, 8% from us optional additional matched 3% contributions, e.g. 6% from you, 11% from us) 25 days annual leave plus flexible bank holidays (option to buy/sell 5 days) Private Medical Cover Healthcare cash plan 6x salary death in service Paid volunteering day A personal GP service enabling you to get a video consultation with an NHS-registered, private GP Employee Assistance Programme A range of shopping discounts from major high-street retailers Job Introduction We have an exciting opportunity for a Security Operations Engineer to join our Information Security based in Leeds! The role of a Security Operations Engineer is all about protecting the company s digital assets. You'll be in charge of managing and maintaining security tools, as well as making sure they work well together. You ll also play a key part in securing delivery pipelines offering strategic input on projects and helping to integrate DevSecOps practices into the development process. To succeed in this role, you ll need a solid understanding of security principles and practices so you can effectively detect, respond to, and prevent threats. You'll be working closely with teams like security operations, incident response, and development, all to help strengthen the company s overall security. Main Responsibilities As our new Security Operations Engineer, you will also: You ll be responsible for handling the implementation, integration, maintenance, and management of security tools like SIEM, EDR, and vulnerability management platforms. Assist security analysts and incident command team with ongoing alerts of note and incidents You ll collaborate with analysts and management to create and fine-tune detections, ensuring that the security posture is constantly evaluated and updated to stay in line with the evolving threat landscape. Provide recommendations on containment and hardening actions to be taken, in relation to security incidents You ll collaborate with analysts and management to create and fine-tune detections, ensuring that the security posture is constantly evaluated and updated to stay in line with the evolving threat landscape. You ll support Security Operations Analysts, the Incident Command Team, and any connected third-party service providers during incident response activities. The Ideal Candidate We are looking for: You should have strong IT skills, including a solid understanding of computer networks, operating systems, software, hardware, and security. You should have extensive hands-on experience with security tools and technologies, like SIEM, IDS/IPS, and firewalls and experience of working in Agile development environments. You should have experience reviewing security controls and implementing hardening measures based on industry standard benchmarks. You should be familiar with security domains, auditing standards, and risk analysis frameworks, such as ISO 27001, Cyber Essentials, PCI DSS, and others. Verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals About The Company About the Team Technology is at the heart of our organisation. It empowers our colleagues to deliver the best in class service to our Members, whether that be through our systems, platforms and architecture or robust data insights to help influence business decisions. It is a very exciting time to get involved in our Member Experience, Digital and Data (MEDD) division, as the team are currently developing new Cloud-based architecture, introducing a new CRM system that will allow for better cross-team collaboration and streamlining our Member journey through customer-centric product development. How MEDD work We offer a truly-flexible hybrid working arrangement that is centred around our colleagues work-life balance. Technology allows us to collaborate effectively regardless of location, but we know sometimes you can t beat being with your team in-person and our team tends to come on-site once or twice a month. However, we expect this can fluctuate throughout the year depending on our projects and current work. The Medical Protection Society Ltd (MPS) is the world s leading protection organisation for Doctors, Dentists and healthcare professionals. We protect and support the professional interests of almost 300,000 members around the world. We are a not-for-profit organisation, meaning member s subscriptions are either invested into bettering the organisation, colleagues and products, or kept safe should members require support for complaints or claims arising from professional practice. Our philosophy is to support safe practice in medicine and dentistry by helping to avert problems in the first place. We also actively campaign for regulatory and legal reforms that benefit members and the wider healthcare professions. To do this, we need colleagues who are trusted and supported to deliver their best work, whether that be through leadership development, fully funded training courses or peer-to-peer support. We want colleagues to feel empowered to deliver positive change, display ambition to push themselves and be determined when faced with a challenge, whilst ensuring members best interests are at the core. Closing Date 31 December 2025
Jan 20, 2025
Full time
Salary - £50,000 Full time, Permanent Package Description Up to 15% discretionary annual bonus 11% pension contribution (3% from you, 8% from us optional additional matched 3% contributions, e.g. 6% from you, 11% from us) 25 days annual leave plus flexible bank holidays (option to buy/sell 5 days) Private Medical Cover Healthcare cash plan 6x salary death in service Paid volunteering day A personal GP service enabling you to get a video consultation with an NHS-registered, private GP Employee Assistance Programme A range of shopping discounts from major high-street retailers Job Introduction We have an exciting opportunity for a Security Operations Engineer to join our Information Security based in Leeds! The role of a Security Operations Engineer is all about protecting the company s digital assets. You'll be in charge of managing and maintaining security tools, as well as making sure they work well together. You ll also play a key part in securing delivery pipelines offering strategic input on projects and helping to integrate DevSecOps practices into the development process. To succeed in this role, you ll need a solid understanding of security principles and practices so you can effectively detect, respond to, and prevent threats. You'll be working closely with teams like security operations, incident response, and development, all to help strengthen the company s overall security. Main Responsibilities As our new Security Operations Engineer, you will also: You ll be responsible for handling the implementation, integration, maintenance, and management of security tools like SIEM, EDR, and vulnerability management platforms. Assist security analysts and incident command team with ongoing alerts of note and incidents You ll collaborate with analysts and management to create and fine-tune detections, ensuring that the security posture is constantly evaluated and updated to stay in line with the evolving threat landscape. Provide recommendations on containment and hardening actions to be taken, in relation to security incidents You ll collaborate with analysts and management to create and fine-tune detections, ensuring that the security posture is constantly evaluated and updated to stay in line with the evolving threat landscape. You ll support Security Operations Analysts, the Incident Command Team, and any connected third-party service providers during incident response activities. The Ideal Candidate We are looking for: You should have strong IT skills, including a solid understanding of computer networks, operating systems, software, hardware, and security. You should have extensive hands-on experience with security tools and technologies, like SIEM, IDS/IPS, and firewalls and experience of working in Agile development environments. You should have experience reviewing security controls and implementing hardening measures based on industry standard benchmarks. You should be familiar with security domains, auditing standards, and risk analysis frameworks, such as ISO 27001, Cyber Essentials, PCI DSS, and others. Verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals About The Company About the Team Technology is at the heart of our organisation. It empowers our colleagues to deliver the best in class service to our Members, whether that be through our systems, platforms and architecture or robust data insights to help influence business decisions. It is a very exciting time to get involved in our Member Experience, Digital and Data (MEDD) division, as the team are currently developing new Cloud-based architecture, introducing a new CRM system that will allow for better cross-team collaboration and streamlining our Member journey through customer-centric product development. How MEDD work We offer a truly-flexible hybrid working arrangement that is centred around our colleagues work-life balance. Technology allows us to collaborate effectively regardless of location, but we know sometimes you can t beat being with your team in-person and our team tends to come on-site once or twice a month. However, we expect this can fluctuate throughout the year depending on our projects and current work. The Medical Protection Society Ltd (MPS) is the world s leading protection organisation for Doctors, Dentists and healthcare professionals. We protect and support the professional interests of almost 300,000 members around the world. We are a not-for-profit organisation, meaning member s subscriptions are either invested into bettering the organisation, colleagues and products, or kept safe should members require support for complaints or claims arising from professional practice. Our philosophy is to support safe practice in medicine and dentistry by helping to avert problems in the first place. We also actively campaign for regulatory and legal reforms that benefit members and the wider healthcare professions. To do this, we need colleagues who are trusted and supported to deliver their best work, whether that be through leadership development, fully funded training courses or peer-to-peer support. We want colleagues to feel empowered to deliver positive change, display ambition to push themselves and be determined when faced with a challenge, whilst ensuring members best interests are at the core. Closing Date 31 December 2025
Role Title: SIEM Engineer Duration: contract to run until 01/06/2025 Location: Wokingham, Hybrid 70/30% Rate: up to 567 p/d Umbrella inside IR35 Clearance required: Eligible to go through BPSS Role purpose / summary Build and deploy innovative technical solutions to advance the security capability of the Cyber Security Operations function. Manage and oversee the configuration of various security tools to enable key stakeholders, such as CSOC and Threat Hunting and Detection Engineering (THaDE). Collaborate with application administrators across the business to onboard data sources into the SIEM data lake. Optimise forensic telemetry collection mechanisms to ensure accurate and efficient parsing and ingestion to the SIEM. Build resilient forensic telemetry collection technologies to support 24/7/365 monitoring of control systems by CSO. Spearhead process improvement and curate, update and develop an internal cyber engineering knowledgebase (bonus points if you're already skilled in Mermaid or Markdown!) Key Skills/ requirements Is passionate about security and building secure infrastructure and secure foundations. Is curious. We often deal with bespoke or less common data sources and a willingness and enthusiasm to take on the challenge of making sense of these data sources is a must. Has strong analytical and problem-solving skills and ability to handle complex and dynamic situations. Has a keen awareness of current and emerging cyber threats, trends, and best practices. Has proven experience working with SIEM platforms and related tooling. Has a strong understanding of SIEM concepts and best practices. Is familiar with SIEM telemetry onboarding processes and techniques. Is knowledgeable about various data source formats and protocols (e.g., syslog, JSON, REST API). Has experience in troubleshooting and resolving data quality or ingestion issues. Has previously worked closely with security tooling such as EDR, Deception Tech, Malware Sandboxes, Vulnerability Management Tooling, etc. Is familiar with security incident response and investigation processes. Has excellent problem-solving and analytical skills. Has strong communication and collaboration abilities. May have relevant certifications (e.g. GIAC), but this is not required. All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
Jan 20, 2025
Contractor
Role Title: SIEM Engineer Duration: contract to run until 01/06/2025 Location: Wokingham, Hybrid 70/30% Rate: up to 567 p/d Umbrella inside IR35 Clearance required: Eligible to go through BPSS Role purpose / summary Build and deploy innovative technical solutions to advance the security capability of the Cyber Security Operations function. Manage and oversee the configuration of various security tools to enable key stakeholders, such as CSOC and Threat Hunting and Detection Engineering (THaDE). Collaborate with application administrators across the business to onboard data sources into the SIEM data lake. Optimise forensic telemetry collection mechanisms to ensure accurate and efficient parsing and ingestion to the SIEM. Build resilient forensic telemetry collection technologies to support 24/7/365 monitoring of control systems by CSO. Spearhead process improvement and curate, update and develop an internal cyber engineering knowledgebase (bonus points if you're already skilled in Mermaid or Markdown!) Key Skills/ requirements Is passionate about security and building secure infrastructure and secure foundations. Is curious. We often deal with bespoke or less common data sources and a willingness and enthusiasm to take on the challenge of making sense of these data sources is a must. Has strong analytical and problem-solving skills and ability to handle complex and dynamic situations. Has a keen awareness of current and emerging cyber threats, trends, and best practices. Has proven experience working with SIEM platforms and related tooling. Has a strong understanding of SIEM concepts and best practices. Is familiar with SIEM telemetry onboarding processes and techniques. Is knowledgeable about various data source formats and protocols (e.g., syslog, JSON, REST API). Has experience in troubleshooting and resolving data quality or ingestion issues. Has previously worked closely with security tooling such as EDR, Deception Tech, Malware Sandboxes, Vulnerability Management Tooling, etc. Is familiar with security incident response and investigation processes. Has excellent problem-solving and analytical skills. Has strong communication and collaboration abilities. May have relevant certifications (e.g. GIAC), but this is not required. All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
Azure Security Engineer £65,000 - £74,500 + bonus + benefits Azure Security Centre - Microsoft Defender for Cloud Southampton 3 days a week, remote working the rest of the time. My client, leader in the provision of equipment manufacturing to customers in the Water industry are enjoying rapid growth and off the back of this are recruiting for an experienced Azure Security Engineer to Audit and continually secure their evolving infrastructure following a series of mergers and acquisitions. The initial focus of the role will be to audit/perform gap analysis on the current infrastructure, identifying security risks and mitigating these with the use of Azure Security Centre, PowerShell scripting. The company aims to be 100% cloud based in the next year or so and do not require traditional windows system administration skills since they already have these skills in the existing team. This is an excellent opportunity for an Azure Security Engineer to help shape the evolving Azure Security function as the companies continues to grow. Azure Security Engineer who will be responsible for designing, implementing, and maintaining secure cloud-based solutions on the Microsoft Azure platform. This role ensures the integrity, confidentiality, and availability of information systems by applying cybersecurity best practices and leveraging Azure s security features. Tasks & Responsibilities: You will be designing, deploying, and managing Azure cloud infrastructure, and security controls for cloud-based environments, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) solution. This will be alongside implementing and maintaining virtual networks, storage accounts, and other Azure resources. (Azure Security Centre - Microsoft Defender for Cloud) You will be responsible for conducting regular security assessments and vulnerability scans, as well as monitoring and responding to security incidents and alerts. Perform root cause analysis and implement corrective actions. Ensure compliance within industry standards and regulations (e.g., GDPR, HIPAA). Conduct risk assessments and develop mitigation strategies. Work closely with development, operations, and IT teams to integrate security into the DevOps process. Provide guidance and support on security best practices. Essential skills for the position of Azure Security Engineer Proven experience with Microsoft Azure services and security features. Deep understanding of Azure networking concepts, security services (Azure Compute, Storage, Networking and Databases), and Azure security best practices. Relevant certifications such as Microsoft Certified: Azure Security Engineer Associate, CSSP, CISSP, or CEH. Demonstrable experience in cybersecurity and cloud engineering. Hands-on experience working with security tools and technologies (e.g. XDR, NDR, IDS/IPS, SIEM) Strong understanding of cloud security principles and best practices. Proficiency in scripting and automation (e.g., PowerShell, Azure CLI) Knowledge of virtual networks, and VPN gateways. Excellent problem-solving and analytical skills. Strong communication and teamwork abilities. Desirable skills Azure Sentinel, and Azure Key Vault. Knowledge of Azure Devops Skills with containerisation Knowledge of Azure data lake and Azure IOT hub a bonus, and additionally knowledge of Azure API tooling
Jan 20, 2025
Full time
Azure Security Engineer £65,000 - £74,500 + bonus + benefits Azure Security Centre - Microsoft Defender for Cloud Southampton 3 days a week, remote working the rest of the time. My client, leader in the provision of equipment manufacturing to customers in the Water industry are enjoying rapid growth and off the back of this are recruiting for an experienced Azure Security Engineer to Audit and continually secure their evolving infrastructure following a series of mergers and acquisitions. The initial focus of the role will be to audit/perform gap analysis on the current infrastructure, identifying security risks and mitigating these with the use of Azure Security Centre, PowerShell scripting. The company aims to be 100% cloud based in the next year or so and do not require traditional windows system administration skills since they already have these skills in the existing team. This is an excellent opportunity for an Azure Security Engineer to help shape the evolving Azure Security function as the companies continues to grow. Azure Security Engineer who will be responsible for designing, implementing, and maintaining secure cloud-based solutions on the Microsoft Azure platform. This role ensures the integrity, confidentiality, and availability of information systems by applying cybersecurity best practices and leveraging Azure s security features. Tasks & Responsibilities: You will be designing, deploying, and managing Azure cloud infrastructure, and security controls for cloud-based environments, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) solution. This will be alongside implementing and maintaining virtual networks, storage accounts, and other Azure resources. (Azure Security Centre - Microsoft Defender for Cloud) You will be responsible for conducting regular security assessments and vulnerability scans, as well as monitoring and responding to security incidents and alerts. Perform root cause analysis and implement corrective actions. Ensure compliance within industry standards and regulations (e.g., GDPR, HIPAA). Conduct risk assessments and develop mitigation strategies. Work closely with development, operations, and IT teams to integrate security into the DevOps process. Provide guidance and support on security best practices. Essential skills for the position of Azure Security Engineer Proven experience with Microsoft Azure services and security features. Deep understanding of Azure networking concepts, security services (Azure Compute, Storage, Networking and Databases), and Azure security best practices. Relevant certifications such as Microsoft Certified: Azure Security Engineer Associate, CSSP, CISSP, or CEH. Demonstrable experience in cybersecurity and cloud engineering. Hands-on experience working with security tools and technologies (e.g. XDR, NDR, IDS/IPS, SIEM) Strong understanding of cloud security principles and best practices. Proficiency in scripting and automation (e.g., PowerShell, Azure CLI) Knowledge of virtual networks, and VPN gateways. Excellent problem-solving and analytical skills. Strong communication and teamwork abilities. Desirable skills Azure Sentinel, and Azure Key Vault. Knowledge of Azure Devops Skills with containerisation Knowledge of Azure data lake and Azure IOT hub a bonus, and additionally knowledge of Azure API tooling
IT Field Operations Manager- Richmond- 55,000- 60,000 The IT Field Operations Manager requires a blend of technical expertise, leadership skills and the ability to improve operating standards. The successful candidate will be capable of managing field and remote engineers, and have experience leading projects with minimal oversight. Responsibilities: Lead, train, and supervise a team of senior/3rd line field engineers and remote engineers. Design and enforce robust processes for team performance, training, and documentation. Conduct regular one-to-ones, providing actionable feedback and setting clear goals. Act as the top technical escalation point for complex third-line issues. Manage critical infrastructure, including Windows Servers (Apply online only , Microsoft 365, Azure AD, and advanced networking (VLANs, DNS, firewalls). Ensure compliance with Cyber Essentials, GDPR, and other regulatory standards. Oversee major IT projects, including infrastructure upgrades and system migrations. Perform site surveys and pre-sales consultations with clients. Address documentation gaps, ensuring all processes and systems are thoroughly documented. Build and maintain relationships with clients, acting as a trusted advisor for technical solutions. Participate in technical client meetings and support pre-sales activities. Skills/ Experience: At least 7-10 years in IT, including technical leadership roles. Proven ability to manage a technical team and deliver high-quality outcomes. Advanced proficiency in Windows Servers, Microsoft 365, Azure AD, and networking (such as Cisco, Fortinet). Familiarity with tools like SolarWinds, VMware, and advanced imaging solutions. Strong client-facing communication skills and ability to manage high-pressure situations. Excellent organizational skills, with experience creating and enforcing structured processes. Tertiary IT qualification or industry certifications (e.g., Azure Solutions Architect, Cisco CCNP). Valid UK driver's license and access to a vehicle. Must live within 60 minutes of Richmond Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles. We practice a diverse and inclusive recruitment process that ensures equal opportunity for all we work with, irrespective of race, sexual orientation, mental or physical disability, age or gender. As an organisation, we encourage applications from all backgrounds and will ensure measures are met when required, to allow a fair process throughout. PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.
Jan 20, 2025
Full time
IT Field Operations Manager- Richmond- 55,000- 60,000 The IT Field Operations Manager requires a blend of technical expertise, leadership skills and the ability to improve operating standards. The successful candidate will be capable of managing field and remote engineers, and have experience leading projects with minimal oversight. Responsibilities: Lead, train, and supervise a team of senior/3rd line field engineers and remote engineers. Design and enforce robust processes for team performance, training, and documentation. Conduct regular one-to-ones, providing actionable feedback and setting clear goals. Act as the top technical escalation point for complex third-line issues. Manage critical infrastructure, including Windows Servers (Apply online only , Microsoft 365, Azure AD, and advanced networking (VLANs, DNS, firewalls). Ensure compliance with Cyber Essentials, GDPR, and other regulatory standards. Oversee major IT projects, including infrastructure upgrades and system migrations. Perform site surveys and pre-sales consultations with clients. Address documentation gaps, ensuring all processes and systems are thoroughly documented. Build and maintain relationships with clients, acting as a trusted advisor for technical solutions. Participate in technical client meetings and support pre-sales activities. Skills/ Experience: At least 7-10 years in IT, including technical leadership roles. Proven ability to manage a technical team and deliver high-quality outcomes. Advanced proficiency in Windows Servers, Microsoft 365, Azure AD, and networking (such as Cisco, Fortinet). Familiarity with tools like SolarWinds, VMware, and advanced imaging solutions. Strong client-facing communication skills and ability to manage high-pressure situations. Excellent organizational skills, with experience creating and enforcing structured processes. Tertiary IT qualification or industry certifications (e.g., Azure Solutions Architect, Cisco CCNP). Valid UK driver's license and access to a vehicle. Must live within 60 minutes of Richmond Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles. We practice a diverse and inclusive recruitment process that ensures equal opportunity for all we work with, irrespective of race, sexual orientation, mental or physical disability, age or gender. As an organisation, we encourage applications from all backgrounds and will ensure measures are met when required, to allow a fair process throughout. PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.
Our Business Workdry International is a market-leading provider of engineered solutions for the handling and treatment of water and wastewater. Our Selwood, Siltbuster, Vanderkamp and Holland Pump business combined form a UK, European and US leader in pumping solutions, on-site water treatment, wet waste processing and the prevention of waterborne pollution, delivering an unrivalled range of rapidly deployable solutions. We are committed to excellence in solutions and services, staff training and development, sustainability and diversity, and provide an environment where every team member can thrive and progress to their full potential. About The Role The Workdry Group has seen enormous growth over recent years and is scaling up its investment in technology to drive greater customer engagement and operational efficiency. Due to this we are recruiting a Azure Engineer who will be responsible for designing, implementing, and maintaining secure cloud-based solutions on the Microsoft Azure platform. This role ensures the integrity, confidentiality, and availability of information systems by applying cybersecurity best practices and leveraging Azure s security features. Tasks & Responsibilities: You will be designing, deploying, and managing Azure cloud infrastructure, and security controls for cloud-based environments, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) solution. This will be alongside implementing and maintaining virtual networks, storage accounts, and other Azure resources. (Azure Security Centre, Azure Sentinel, and Azure Key Vault.) You will be responsible for conducting regular security assessments and vulnerability scans, as well as monitoring and responding to security incidents and alerts. Perform root cause analysis and implement corrective actions. Ensure compliance within industry standards and regulations (e.g., GDPR, HIPAA). Conduct risk assessments and develop mitigation strategies. Work closely with development, operations, and IT teams to integrate security into our processes. Provide guidance and support on security best practices. Experience and Qualifications: Bachelor's degree in Computer Science, Information Technology, or relevant worked experience in a similar Azure role. Relevant certifications such as Microsoft Certified: Azure Solutions Architect, Azure Security Engineer Associate, CSSP, CISSP, or CEH. Demonstrable experience in cybersecurity and cloud engineering. Proven experience with Microsoft Azure services and security features. Deep understanding of Azure networking concepts, security services (Azure Compute, Storage, Networking and Databases), and Azure security best practices. Hands-on experience working with security tools and technologies (e.g. XDR, NDR, IDS/IPS, SIEM) including Azure Sentinel. Strong understanding of cloud security principles and best practices. Proficiency in scripting and automation (e.g., PowerShell, Azure CLI). Knowledge of virtual networks, load balancers and VPN gateways. Skills with containerisation (desirable) Knowledge of Azure data lake and Azure IOT hub a bonus, and additionally knowledge of Azure API tooling Excellent problem-solving and analytical skills. Strong communication and teamwork abilities. What we can offer you Competitive salary & eligible for company bonus scheme (annual and quarterly payments) Company car, or car allowance Private Medical Insurance Medicash Scheme - medical expenses scheme (access to 24hour online GP services, discounted gym memberships) Pension scheme with contribution based on total earnings not just salary 25 days holiday + 8 Bank Holidays and increasing annual leave entitlement with long service 3 x salary life insurance (DIS) Employee assistance programme (EAP) & access to Mental Health first aiders Employee discount scheme (discounts/vouchers for supermarkets, high street shops, holidays and more) Employee referral scheme Hybrid working pattern This role will involve regular travel nationally and occasionally internationally. This role is not open to Agencies - Please no calls or emails - Thank you. EDI Statement Workdry International Ltd is committed to encouraging equality, diversity, and inclusion among our workforce, and eliminating unlawful discrimination. We value transparency, respecting others and understanding differences. We give full and fair consideration to all applicants, regardless of age, disability, gender reassignment, race, religion or belief, sex, sexual orientation, marriage and civil partnership, and pregnancy and maternity. As part of your recruitment journey, we are happy to support requests for reasonable adjustments.
Jan 20, 2025
Full time
Our Business Workdry International is a market-leading provider of engineered solutions for the handling and treatment of water and wastewater. Our Selwood, Siltbuster, Vanderkamp and Holland Pump business combined form a UK, European and US leader in pumping solutions, on-site water treatment, wet waste processing and the prevention of waterborne pollution, delivering an unrivalled range of rapidly deployable solutions. We are committed to excellence in solutions and services, staff training and development, sustainability and diversity, and provide an environment where every team member can thrive and progress to their full potential. About The Role The Workdry Group has seen enormous growth over recent years and is scaling up its investment in technology to drive greater customer engagement and operational efficiency. Due to this we are recruiting a Azure Engineer who will be responsible for designing, implementing, and maintaining secure cloud-based solutions on the Microsoft Azure platform. This role ensures the integrity, confidentiality, and availability of information systems by applying cybersecurity best practices and leveraging Azure s security features. Tasks & Responsibilities: You will be designing, deploying, and managing Azure cloud infrastructure, and security controls for cloud-based environments, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) solution. This will be alongside implementing and maintaining virtual networks, storage accounts, and other Azure resources. (Azure Security Centre, Azure Sentinel, and Azure Key Vault.) You will be responsible for conducting regular security assessments and vulnerability scans, as well as monitoring and responding to security incidents and alerts. Perform root cause analysis and implement corrective actions. Ensure compliance within industry standards and regulations (e.g., GDPR, HIPAA). Conduct risk assessments and develop mitigation strategies. Work closely with development, operations, and IT teams to integrate security into our processes. Provide guidance and support on security best practices. Experience and Qualifications: Bachelor's degree in Computer Science, Information Technology, or relevant worked experience in a similar Azure role. Relevant certifications such as Microsoft Certified: Azure Solutions Architect, Azure Security Engineer Associate, CSSP, CISSP, or CEH. Demonstrable experience in cybersecurity and cloud engineering. Proven experience with Microsoft Azure services and security features. Deep understanding of Azure networking concepts, security services (Azure Compute, Storage, Networking and Databases), and Azure security best practices. Hands-on experience working with security tools and technologies (e.g. XDR, NDR, IDS/IPS, SIEM) including Azure Sentinel. Strong understanding of cloud security principles and best practices. Proficiency in scripting and automation (e.g., PowerShell, Azure CLI). Knowledge of virtual networks, load balancers and VPN gateways. Skills with containerisation (desirable) Knowledge of Azure data lake and Azure IOT hub a bonus, and additionally knowledge of Azure API tooling Excellent problem-solving and analytical skills. Strong communication and teamwork abilities. What we can offer you Competitive salary & eligible for company bonus scheme (annual and quarterly payments) Company car, or car allowance Private Medical Insurance Medicash Scheme - medical expenses scheme (access to 24hour online GP services, discounted gym memberships) Pension scheme with contribution based on total earnings not just salary 25 days holiday + 8 Bank Holidays and increasing annual leave entitlement with long service 3 x salary life insurance (DIS) Employee assistance programme (EAP) & access to Mental Health first aiders Employee discount scheme (discounts/vouchers for supermarkets, high street shops, holidays and more) Employee referral scheme Hybrid working pattern This role will involve regular travel nationally and occasionally internationally. This role is not open to Agencies - Please no calls or emails - Thank you. EDI Statement Workdry International Ltd is committed to encouraging equality, diversity, and inclusion among our workforce, and eliminating unlawful discrimination. We value transparency, respecting others and understanding differences. We give full and fair consideration to all applicants, regardless of age, disability, gender reassignment, race, religion or belief, sex, sexual orientation, marriage and civil partnership, and pregnancy and maternity. As part of your recruitment journey, we are happy to support requests for reasonable adjustments.