Role OVO-View

Location: Bristol, London, Glasgow or Remote! (You have the flexibility to work wherever suits you best)
Team: Information Security
Salary banding: £71,240 - £111,130
Experience: Expert
Working pattern: Full-Time
Reporting to: Head of Information Security
Sponsorship: Unfortunately we are unable to offer sponsorship for this role.

This role in 3 words: Creator, Challenger, Coach
Top 3 qualities for this role: Problem-solver, Curious, Collaborative

In the words of the team, you should leave your current role for this one because:
"You'll manage the team that drives and enables security by default and design across OVOTech. This includes selecting and implementing coaching, workflows and tooling to model threats, identify security risks and embed and document verification of build and runtime security. The solutions that security engineering build and operate power the reduction of downside risk thereby enhancing the opportunities for technology to enable Plan Zero."

Everyone belongs at OVO

At OVO, we are on a mission to solve one of humanity's biggest challenges, the climate crisis. And we know it takes all of us to change the world. That's why we need diverse people from all abilities, gender identities, ethnicities, ages, sexual orientations, life experiences and backgrounds to join us.

Teamworking for the planet

Everything we do here spins around Plan Zero. So, naturally, the team you'll be joining plays a gigantic role in making that happen. Here's how: We're hiring creators, challengers and coaches. Every role we're hiring puts people at the heart of our information security strategy and uses technology and operational processes to build a resilient and performant business. The Path to Zero is paved with well-informed risk and reward decisions!

This role in a nutshell:

The security engineering team collaborates with OVO's Engineering teams to secure the design and configuration of OVO applications, infrastructure and secure access to OVO's resources. As a Senior Security Engineering Manager you'll pioneer an innovative and inclusive culture, inspire with compelling security stories and land messages with clarity to engage those who the team work with, both within and outside the Enterprise Security and Platforms team. You'll personally excel at implementing reliable tools to prevent, mitigate or automatically remediate mis-configurations and vulnerabilities and extending operational excellence across all OVO-built and accessed applications and infrastructure. Crucially you'll serve and care for the people in security engineering creating an inclusive culture so all of our people feel they truly belong, are heard, and are open and encouraged to contribute to OVO's security mission.

Your key outcomes will be:

- Lead the strategic design of mechanisms to incentivise and enable the security of OVO's data, applications, infrastructure and access.
- Collaboration with engineering teams and system administrators to develop and configure comprehensive security measures that align with OVO's goals and objectives.
- Provide OVOTech with a range of centrally operated security mechanisms and services, including web application firewalls, cloud and application security platforms, threat and risk assessments and penetration testing.
- Implementing secure coding practices to prevent common vulnerabilities in software development.
- Provide the cyber defense team with support during and post incidents to contain the damage, mitigate the impact, and facilitate the recovery of affected systems and data.
- Lead the analysis of vulnerabilities, misconfigurations, near-misses and incidents to enhance future security issue and incident handling and improve overall security posture. This includes identifying lessons learned, implementing necessary changes to security controls and procedures, and supporting the training and awareness programme to educate employees on security best practices.
- Lead and develop a highly motivated and respected team which actively participates in community events, engages in continuous learning, and collaborates with other security professionals to stay updated on emerging threats and effective security strategies.

Systems

Familiarity with the following technologies and platforms would be advantageous (not a must have or exhaustive list):

- Cloud Native Application Protection and Cloud Security Posture Management (e.g. Wiz)
- GCP, AWS and Azure native security and compliance monitoring
- CI/CD product development pipelines and automation
- SaaS discovery, event monitoring and security posture management
- Identity and Access Management and Privileged Access Management platforms
- Application Security Verification Standard and related technologies
- Web Application Firewall and Zero Trust Solutions (e.g. Cloudflare, BeyondCorp)
- Security Information and Event Management (SIEM) and Security Orchestration and Automated Response (SOAR)
- Endpoint, Cloud and Identity Detection and Response
- Issue and Project Tracking (Jira)
- Cyber Asset and Attack Surface Management
- Infrastructure Vulnerability Scanning

You'll be a successful Senior Security Engineering Manager at OVO if you:

- Are a coach: you lead your engineering community and provide practical support and approaches to integrate security with OVOTech and business processes. You inspire others to develop simpler more automated approaches to embedding security by default and design.
- Are a challenger: you embrace failure and do not shy away from difficult conversations in order to drive security, product and engineering alignment. You are a champion for maximising the use of data and technology to enhance productivity and effective outcomes of security work.
- Are a creator: you are a hands-on engineer who understands the value of rotating between solving engineering problems and stepping back to view a longer time horizon. Switching between roadmap and sprint is something you control rather than are controlled by.

Let's talk about what's in it for you

We'll pay you between £71,240 - £111,130, depending on your specific skills and experience. If your expectations are a little different, have a chat with us! We keep our pay ranges broad on purpose to give us, and you, flexibility to match your experience to our zero carbon mission.

You'll be eligible for an on-target bonus of 15%. We have one OVO bonus plan that focuses on the collective performance of our people to deliver our Plan Zero goal.

We also offer plenty of green benefits and progressive policies to help you feel like you belong at OVO and there's flex pay. It's an extra 9% of your salary on top of your core pay to use as you like. You can take it as cash, add to your pension, or choose to spend it on a huge range of flex benefits. Here's a taster of what's on offer:

For starters, you'll get 34 days of holiday (including bank holidays).

For your health
With benefits like a healthcare cash plan or private medical insurance depending on your career level, critical illness cover, life assurance, health assessments, and more

For your wellbeing
With gym membership, gadget, travel and cyber insurance, workplace ISA, will writing services, DNA testing, dental insurance, and more

For your lifestyle
With extra holiday buying, discount dining, culture cards, tech loans, and supporting your favourite charities with give-as-you-earn donations

For your home
Get up to £300 off any OVO Energy plan (when you pay by Direct Debit), plus personal carbon offsetting and great discounts on smart thermostats and EV chargers

For your commute
Nab a great deal on ultra-low emission car leasing, plus our cycle to work scheme and public transport season ticket loans

Want to hear about our full range of flexible benefits and progressive people policies? Our People Team can tell you everything you need to know.

For your Belonging
To find better ways to support our people, we need to listen to each other's experiences and find ways to build a truly inclusive and diverse workplace. As part of this, we have 8 Belonging Networks at OVO. Led by our people, for our people - so when you join OVO, you can play a part - big or small - with any of the Networks. It's up to you.

Oh, and one last thing

We'd be thrilled if you tick off all our boxes, yet we also believe it's just as important we tick off all of yours. And if you think you have most of what we're looking for but not every single thing, go ahead and hit apply. We'd still love to hear from you!

If you have any additional requirements, there's a space to let us know on the application form; we want to make the process as easy and comfortable for you as possible.
Feb 01, 2024
Full time
Job Profile Summary

Grade G

Responsible for delivering information security and risk activities for the specialism, using advanced technical capabilities to lead changes to security processes and procedures, review complex security issues, lead security solutions from identification to implementation, ensure adherence to policies, standards and best practices and provide technical expertise to internal and external stakeholders.

Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.

Job Advert

Business Information Security Lead

BP has embarked on a new and exciting strategy, to deliver on its net-zero ambition, by driving new efficiency and business models, using new digital technologies. Putting our customers' security at the heart of our products and processes, we are transforming to become an integrated energy company and we are growing our Business Information Security team to meet the new digital demand.

This is an opportunity to help build and further shape our business information security team. You will be focusing on partnering alongside our commercial and supporting businesses, to understand the business strategy, enabling their digital ambitions to be delivered safely and securely.

The role forms part of the Business Information Security team (BIS); you will have the opportunity to work across a number of different businesses and geographical locations within bp.

You'll be responsible for protecting our businesses' digital assets, working closely with senior leaders, team leads and business team members to ensure the appropriate awareness and adoption of cyber security practices and behaviors within the businesses. You will facilitate information security support for digital engagements, and lead information security assessments implementing technical controls and policy requirements. You will provide advice on risks as well as activities to mitigate potential cyber threats, preventing cyber breaches and reducing business impact. You will be increasing business awareness, understanding specific threat landscape, and the potential business impacts.

We are transforming the company quickly; there will be plenty of room for progression. We are committed to promoting from within and we're looking for people to join us and make a real impact fast.

Relationships: First point of contact for all information security matters within your accountability, developing and managing relationships with your partners to consult and advise on business activity. Collaborate with others, influence, and inspire change, proactively putting in place solutions to further protect bp against cyber incidents.

Security: Provide security expertise, to deliver Digital Security strategy. Act as the first point of contact for your customer (teams); you will own the implementation and application of relevant operating processes and procedures, and ensure all activities adhere to our Group's security standards.

Technology: Promote and build awareness of internal and external technology developments, being responsible for the delivery of process and system improvements.

Safety: The safety of our people and customers is our highest priority. You will champion a philosophy of operational safety and ensure our architectures, designs and processes enhance and improve bp's digital security.

Team: Engage with colleagues and business and support those working across our multi-functional teams. To help teams grow and deliver the most agile and commercially beneficial solutions, whilst being able to delegate, inspire and be proactive, alongside your team.

ESSENTIAL EDUCATION:

- You'll have a tertiary level education and/or equivalent relevant work experience.

ESSENTIAL EXPERIENCE AND JOB REQUIREMENTS:

Technical capability: (One of the following: CISM, CISSP, CRISC) or extensive experience in the following: Business Risk Management Consultancy Information Assurance Information Management Information security Relationship Management

BUSINESS CAPABILITY:

- Demonstrated significant experience in either an internal or external information security and risk role, or similar.
- You will have digital security knowledge and experience in delivering security solutions, advice, and leading security processes for the specialism
- Extensive experience and a consistent track record in establishing relationships to form effective partnerships with senior stakeholders within the business

Entity: Innovation & Engineering
Job Family Group: IT&S Group
Relocation available: No
Travel required: Negligible travel
Time Type: Full time
Country: United Kingdom

About BP

INNOVATION & ENGINEERING

Join us in creating, growing, and delivering innovation at pace, enabling us to thrive while transitioning to a net zero world. All without compromising our operational risk management.

Working with us, you can do this by:

- deploying our integrated capability and standards in service of our net zero and safety ambitions
- driving our digital transformation and pioneering new business models
- collaborating to deliver competitive customer-focused energy solutions
- originating, scaling and commercialising innovative ideas, and creating ground-breaking new businesses from them
- protecting us by assuring management of our greatest physical and digital risks

Because together we are:

- Originators, builders, guardians and disruptors
- Engineers, technologists, scientists and entrepreneurs
- Empathetic, curious, creative and inclusive

Legal disclaimer

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic background, neurodiversity/neurocognitive functioning, veteran status or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodations.
Dec 19, 2022
Full time
Senior Cyber Security Engineer - Incident Response

Salary: £80,000 - £90,000 + STRONG 22% bonus
Location: London (Hybrid) - Unfortunately no sponsorship can be provided for this role

I am partnered with a GLOBAL financial exchange who are looking to build out their elite cyber security team. This team leads in protecting key financial infrastructures from emerging threats through instant response, platform deployment and automation.

The security engineers play an integral role ensuring that the critical infrastructure of the company is secure against emerging cyber threats. Working within one of the ADVANCED technical capabilities, you will be responsible for defending and responding to incidents.

What we are looking for:

- Experience in responding to incidents and an understanding of how to remediate them
- Capability to carry out incident management as well as threat hunting to detect threats before they arise
- Understanding of digital forensics and how to check through logs to spot potential vulnerabilities

Apply if you have:

- Practical experience in digital forensics or incident response
- Knowledge of Splunk, Tanium, as well as other SIEM tools would be advantageous
- An in-depth knowledge of networks and the ability to implement such tools

Not only is this an opportunity to work for a global company which used a wide technology stack, but this company also has a structured progression plan, and invests heavily into their employees' training and development.

Next steps: If you are interested, apply above.

Lawrence Harvey is acting as an Employment Business in regards to this position.
Dec 19, 2022
Full time
Description A Little Bit About Us: We are one of the longest established companies in the UK who specialise in background screening. We provide a first line of defence for our clients across the globe, helping them ensure that their new hires are who they say they are and have the experience and qualifications stated on their CV or job application. Certn is a growing global technology company that is looking to reinvent the way organizations build Trust in People with technology and AI-backed background checks. We are proud to share that we recently secured 105 million in funding, were named one of Canada's Companies-to-Watch in Deloitte's Technology Fast 50 Awards, and are becoming one of the fastest-growing start-ups. Who are Certonians? We are football players, DIY creators, spicy-food lovers, karaoke lovers, wine connoisseurs, and so much more! We are a team of 400+ people currently living the dream at Certn and we are looking for more team members to level us up. If you are excited about working with a group that values accountability, working synergistically with one another, being inclusive of different perspectives, and not being an a hole - aka approaching all solutions & problems with compassion and empathy - we want to hear from you! This Opportunity: We are looking to offer an exciting new opportunity for a Senior IT Systems Administrator to join our Global Engineering team. You will be involved in exciting, challenging projects and have exposure to leading edge technology, equipment and processes. For this role we are looking for someone who is eligible to work in the UK. This is a hybrid role, part of the time based from the office and part of the time from home. Our UK Head office is in Sevenoaks, Kent. You will be reporting into the Head of IT based in Canada.
Key Responsibilities As our Senior IT Systems Administrator, your role will include: Service and Support: Being a key escalation point for operational issues across EMEA (access requests, troubleshooting problems, issues, incident response when appropriate etc.) Providing end-user support via the phone, ticketing system, and remote support as well as on-site support if needed. Installing, configuring, and maintaining all company server hardware and network equipment. Ensuring system security through access control, backup, and network firewalls. Ensuring accurate record keeping of user accounts, user access, and EMEA inventory of hardware for recovery of assets and compliance when offboarding people. Configuring, maintaining and monitoring backup systems for proper functionality. Following proper disaster recovery strategies in case of system failures and cyberattacks. Setup of new hire onboarding tasks for various platforms. Supporting and finalising offboarding tasks for various platforms. Collaborating with key stakeholders to build and deploy internal training and technical documentation, manuals, and IT policies. Innovation & Project Leadership: Leading projects independently including the roll out and continuous support of new IT system integrations across EMEA Certn/Credence Platforms. Responsibility for ensuring effective scoping of necessary equipment, making recommendations for new tools within budget, timely supply & deployment of equipment. Managing 3rd party relationships and potential decommissioning of services as required. Skills Knowledge and Expertise We are hoping you will bring: Proven experience working as a System Administrator or a similar role in an enterprise environment. Experience managing tasks and workload using Jira or similar project management solutions. Project Management qualification highly beneficial.
Experience with Azure AD, SharePoint, Office365, AWS, Google Workspace, and databases. Experience with systems analysis, collecting requirements and required information regarding system configuration. You must be an excellent communicator, be willing to take accountability and enjoy innovation. This is a fast paced, quick changing organisation so the ability to work well with change is essential. If you like a challenge, this role is for you. Our team members can be found across Canada, the U.S., the U.K. and Australia and are well-adapted to working from home and the remote lifestyle, however, for this role we are looking for someone who is eligible to work in Canada to join our team. Benefits Benefits include: Competitive salary, Share options, 20 days Holiday (+ Bank Holidays) - Rising with service, Contributory Pension Scheme, Private Medical Insurance, Life Assurance, Critical illness cover, Dental cover, And a few more goodies. Does this role sound like it was made for you, yet you don't check every box? We value diversity in our teams' experience. Whatever your background, experience, ethnicity, physical ability, sexual orientation, race, and gender is, we want to hear from you! We are dedicated to fostering an inclusive and diverse environment for all employees from all walks of life. One of our corporate goals is to build an environment that will be the best place for you to work and spend your time. To accomplish that, we know we need to develop a diverse team where everyone feels included and where a variety of voices are heard. If you have a disability that requires accommodation during any stage of our recruitment process, please let us know how we can best assist you. About Credence Credence is one of the longest established companies in the background screening industry, with a senior management team that similarly has a long history of working in the international background check market.
Our client base includes organisations throughout Europe, the Middle East, the US, Asia and Australia and we service a wide range of industries including financial services, industrial, oil & gas, business services, consulting, property management, education and IT related. As a background screening company, this is the experience we rely on to provide excellent service to clients - no matter the field. Due to the nature of our clients we have extensive experience in obtaining references throughout the world.
Dec 13, 2022
Full time
Director - Cyber Defense Operations DFIR The Director Cyber Defence Operations is responsible for leading a global team providing proactive threat detection and response capabilities across a vast technology environment encompassing both traditional on-premise and cutting-edge cloud native assets. The role will drive the strategic direction of the function, as well as providing hands-on expertise in predicting, preventing, detecting and responding to security threats of all types and sophistications. The Director Cyber Defence Operations will be a vocal proponent of modern approaches to autonomic security operations, driving a threat intelligence-led, data-driven and engineering-rooted philosophy across the team and wider business. The ideal candidate will be as comfortable presenting to senior stakeholders as they are deep in the depths of a complex and multi-faceted digital forensics investigation and will thrive on coming up with exciting new solutions to a broad range of standard and cutting-edge problems and seeing them through from design to execution. The Director Cyber Defence Operations will be a role model to the team and will succeed by continually upskilling others through their experiences, mindset and capabilities. Always challenging the status quo, looking at areas for development and not being afraid to seek out and eradicate problems to ensure the security of the business. Key Responsibilities: Lead and manage a global team of specialists performing continuous threat detection and response operations including: Signals acquisition, Detection engineering, Attack analysis, Proactive threat hunting, Incident response / incident management, Digital forensics / malware analysis. Own, develop, maintain and exercise cyber incident response plans, processes and playbooks. Work closely with Security Engineering teams to: Recommend system tuning/configuration improvements. Leverage and oversee automation & orchestration initiatives.
Identify opportunities for application of data science techniques. Drive strategic capability development roadmap for TDR. Integration and exploitation of cyber threat intelligence in conjunction with internal CTI team and external sources. Ensure operational excellence through measurements, KPIs, reporting and continual process improvement. Evangelise forward thinking data and engineering-led operational models such as: Detection-as-code, Autonomic security operations, DevSecOps, Continuous validation/testing, Cloud-native security operations. Develop and manage a personnel skill and capabilities development framework. Continuous professional development through training, conferences and self-education. Required Skills: Significant and demonstrable experience working in advanced detection, threat hunting and/or incident response function as a lead. Experience developing incident response processes and supporting documentation. Understanding and application of proactive hypothesis-based threat hunting methodologies. Application and exploitation of common frameworks such as MITRE ATT&CK, NIST etc. Proficient in performing complex investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools across Windows, MacOS and Linux. Hands-on experience with modern detection technologies such as EDR/XDR, SIEM (Splunk/Sentinel), SOAR, NIPS/HIPS. Extensive knowledge of networking concepts, including network detection and response tooling and intrusion prevention (Snort, Zeek, Suricata etc.) Proficient with investigating large-scale data compromise events across a hybrid on-premise, public and private cloud environment (AWS, Azure, GCP preferred). Understanding and experience investigating and responding to incidents in cloud native technologies such as containers (Kubernetes, AWS ECS/Fargate) and serverless (AWS Lambda).
Knowledge of digital forensics best practices and industry standard methodologies including chain of custody, evidence acquisition and appropriate tooling (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT etc.) Able to articulate and visually present complex forensic investigation and analysis results equally effectively to both industry professionals and internal business partners. Proficiency in one or more modern programming or scripting languages (Python, Go, Rust etc.) Evidence of previous security solution design, implementation and engineering successes. Understanding of DevSecOps approach and implementation of "everything-as-code" models. Experience acting as a technical team lead and mentor to junior team members. Strong verbal and written communication skills. Qualifications & Experience: Degrees non-essential - equivalent prior work experience in the field, a must. Industry standard certifications (GCFA, GNFA, GCFE, CFCE, OSCP, CREST etc) are a plus but not essential. Memberships and participation in relevant professional associations (ISC2, ISACA etc). Previous contributions to the industry (conference talks, code projects, volunteering). Job: TECHNOLOGY Organization: Corporate Strategy & Technology Schedule: FULL_TIME Req ID: 9085
Dec 06, 2022
Full time
As a team: Our Cyber Investigation and Forensic Response (CIFR) practice is rapidly growing, and we are hiring mid to very senior level incident response and threat hunting professionals to work with our F500 enterprise customers. With our recent acquisitions we continue to enhance our incident response, threat hunting, forensics, threat intelligence, and purple teaming capabilities. With Accenture Security, you will be part of a specialized team to respond to some of the largest and most complex data breaches around the world, as well as conduct cyber threat hunting in some of the most complex business environments, leveraging a variety of tools and techniques. You will work in a fast paced and highly collaborative environment along with a diverse team of talent, in support of one mission - providing expert incident response services to Accenture customers
In our team you will learn:
• Lead end-to-end incident response investigations with Accenture's customer
• Identify and investigate intrusions to determine the cause and extent of the breach, by leveraging EDR solutions and threat intelligence sources
• Conduct host forensics, network forensics, log analysis, and malware analysis in support of incident response investigations
• Conduct threat hunting across customer's networks with indicators of compromise, hunting for evidence of a compromise
• Conduct incident response within various Cloud platforms
• Identify attacker tools, tactics, and procedures to develop indicators of compromise
• Develop and implement remediation plans in conjunction with incident response
• Form and articulate expert opinions based on findings and analysis
• Produce comprehensive and accurate oral and written reports and presentations for both technical and executive audiences
• Effectively communicate and interface with customers, both technically and strategically from the executive level, to customers stakeholders and legal counsel
• Support leadership in properly scoping engagements with innovative methodical approaches, based on customer requirements
• Lead engagement delivery from kick-off through remediation, either on premises or remote, depending on customer requirements
• On-site, customer travel will be required for this position
Desired Skills
• Expert knowledge of forensic file system and memory techniques and use of the most commonly used toolsets, such as EnCase and FTK Suite
• Deep technical knowledge of methods utilized for evidence collection, maintenance of chain of custody and associated documentation, evidence storage and analysis, and evidentiary reporting
• Experience with IDA Pro, OllyDbg, other disassemblers/debuggers
• Thorough understanding of cyber security operations, security monitoring, EDR and SIEM tools, to include Endgame, Falcon, and Splunk
• Detailed knowledge of Windows & Unix based operating systems and administrative tools
• Windows disk and memory forensics
• Unix or Linux disk and memory forensics
• Static and dynamic malware analysis
• Network traffic and protocol analysis utilizing tools such as Wireshark
• Applied knowledge of security controls such as authentication and identity management, security enhanced network architectures and application based controls (including Windows, Unix, and network equipment)
• Excellent time management, writing and communication skills
• Strong analytic, qualitative, and quantitative reasoning skills
Nice Skills to Have
• Bachelor's Degree in Computer Engineering, Computer Science, Cyber Security, Information Security or related disciplines
• Security certifications: CISSP, SANS GIAC (GREM, GCFA, GCIH), OSCP
• Minimum 5 years of comparable experience
Qualifications Location: UK This role can be based from our dedicated Cyber Defence facilities in London or Cheltenham, or from our Edinburgh office working alongside Cyber Defence colleagues. Alternatively the role can be performed remotely from any location within reach of an Accenture UK office. SC clearance is needed for this role or candidates who are eligible for SC clearance.
What We Believe We have an unwavering commitment to diversity with the aim that every one of our people has a full sense of belonging within our organization. As a business imperative, every person at Accenture has the responsibility to create and sustain an inclusive environment. Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and more creative, which helps us better serve our clients and our communities. Equal Employment Opportunity Statement Accenture is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Accenture is committed to providing veteran employment opportunities to our service men and women. For details, view a copy of the Accenture Equal Opportunity and Affirmative Action Policy Statement. RROOTS SRG100 Locations Birmingham, Cheltenham, Edinburgh, Glasgow, London, Manchester
Sep 24, 2022
Full time
Why the Enterprise Security team at Dyson? At Dyson, we research, design, manufacture and sell a range of cutting-edge, technology enabled products. We constantly innovate, exploring new markets and technologies, connecting to our customers and products in new ways. As a "multi-dimensional" organisation, Dyson's technology solutions support a whole range of functions worldwide - everything from secure research facilities, to AI enabled robotic manufacturing, to apps which connect owners to our products, to our global physical and online retail footprint. This presents a highly complex, challenging and ever-evolving cyber risk landscape, and a need for continual review and vigilance to reflect emerging new threats. With board level commitment, and a team backed by a significant investment programme, this newly created role reflects the importance of world class cyber defence and security engineering to Dyson. There's ample scope to develop technical expertise, leadership, business partnering and programme management skills. 
About you We're looking for: • A thought-leader who inspires others to achieve outstanding results • A true champion of diversity, who demonstrates sensitivity to the diversity of cultures across our operations • Intellectual agility, with the ability to apply it to a wide range of business contexts • An exceptional track-record of building enterprise security architecture and engineering functions, including setting up best in class enterprise security capabilities • Broad cyber security subject matter expertise, acquired in the context of a complex, multinational environment • Ability to navigate business complexity, risks and uncertainty, and make evidence-based decisions and recommendations • The business partnering and communication skills required to influence widely at a senior level • Ability to coach others in agile and iterative technology engineering styles and culture, continuously deliver business value, and maintain a high delivery cadence. (See below for detailed technical requirements) About the role • As one of two new leadership roles (UK & Singapore), you'll work closely with your APAC counterpart to build and manage two regional Digital Security Architecture functions. Your aim is frictionless security, which enables the business to achieve output and uptime goals through cyber resilience services and a strong cyber security culture • As part of the Cyber Security Architecture Leadership team, help define and iterate Dyson's Cyber Security Strategy, Transformation Roadmap, and Governance Framework • Lead a regional team of security architecture experts, provide a supportive environment that attracts and retains talent • Act as a trusted advisor, provide security leadership and guidance to business divisions, projects and 3rd parties. Support project teams with high and low-level security consultancy • Influence stakeholders: IT architects, developers and engineers, programme managers, business data owners. 
Build relationships, and business confidence in actions and recommendations. • Develop and implement digital security blueprints for the design, build and maintenance of e.g. products, manufacturing plants, connected platforms and devices, IT infrastructure and applications Detailed technical requirements: Expert knowledge: • Security tools, techniques and best practice within enterprise environments • DevOps practices, embedding security in the software development lifecycle • Current industry security threats, challenges and mitigation techniques Track record in operational security architecture and engineering in at least two of the following three areas: • Embedded product software • Operational Technology / manufacturing • IT applications / infrastructure / Cloud Understanding of: • IT Security Controls • Identity Access Management • User Behaviour Analytics • Data Loss Prevention • SIEM • Incident Response • Industry standard frameworks (e.g. ISO 2700x, NIST, ITIL) • Best practices (e.g. CIS, SANS, OWASP, CSA) • Regulations (e.g. PCI DSS, GDPR, China CSL). Experience may include • Network & Infrastructure Security • Application Security • Cloud & Mobility Security (IaaS, PaaS, SaaS, CDN) • Data/Database Security, etc. Dyson
Aug 04, 2022
Full time
Cyber security is one of the defining topics of our age, and cyber risk represents one of the most significant strategic risks to PwC's clients. In a recent PwC survey it remains the top risk in the minds of CEOs globally, with 91% of UK CEOs rating it as a significant concern. Businesses are changing rapidly, facing disrupted supply chains, rapidly changing workforces and accelerating digital transformation on an unprecedented scale. At PwC we help our clients transform, and our cyber security practice enables them to execute that transformation securely and to become more resilient to cyber security threats. Our cyber security practice operates nationally, and serves clients holistically with strategy, risk and governance advice, and with deep technical implementation and assurance expertise. As one of the largest cyber security specialist consulting practices in the UK, we have over 250 practitioners who range from business risk advisors who work with CEOs, CFOs and boards, to transformation specialists who execute major change programmes, to deep technical SMEs who help clients implement controls to secure their businesses from attack, and support them to respond when an attack occurs. Our practice is experiencing significant growth which is driven by demand from our clients for greater assistance in dealing with increasingly complex cyber security risks, and support in executing their change and growth agendas securely. We believe helping our clients gain confidence in their digital future is essential to their growth, and as a result our cyber security practice is one of the key growth priorities of our firm. The Role We are seeking a number of experienced consulting Senior Managers to join our "Government and Public Sector" advisory team within our Cyber security practice, to respond to strong demand-led growth. 
The cyber security advisory team helps clients to understand their cyber risks and define and execute a strategy which enables the business to deliver its objectives within their desired risk envelope. We support client leadership teams to define their risk appetite and a proportionate target state of cyber capability and maturity to deliver it; we define operating and governance models to make cyber security a sustainable capability which responds to evolving business priorities; we deliver complex multi-year transformation programmes both uplifting clients' cyber security capability, and baking cyber security into other transformation agendas. The "public sector" vertical in this team works with clients across industries, including: Government and Public Services Central Government Local Government Defence & Security Healthcare Public Sector Transport You may have worked within a government or public sector organisation or across multiple private sector industries, or have developed a deep specialism in a particular sector. Whichever of these describes you, you will be developing a strong track record of credibility as a trusted advisor to senior business stakeholders on cyber security. You will also have strong relationship building skills and you will be starting to demonstrate a track record of identifying opportunities to serve clients, develop new business and you'll be keen to support our practice senior leaders to respond to client needs and win new work. Responsibilities Client service Managing and delivering cyber security and cyber risk assignments, including producing documentation and reports, and quality assuring the work produced by junior team members. Working as a subject matter expert in your particular field to support a team, and/or managing a larger team in delivering engagements at scale. Maintaining awareness of key business and industry trends, and understanding how they impact responses to cyber risk. 
Providing our clients with trusted advice, rooted in a pragmatic understanding of their business situation and objectives, to help them navigate complex, risk-driven Cyber decisions. Business and practice development Building client relationships and establishing credibility by demonstrating knowledge of various aspects of cyber security, and identifying opportunities where PwC can assist. Identifying client issues and qualifying opportunities for PwC to respond to those challenges, and working with senior members of the team in developing client proposals and solution offerings. Driving the development of toolkits, methodologies and accelerators. Helping recruit, retain and develop other cyber security team members. Skills & Experience Excellent communication skills - both oral (for interviews/meetings, presentations) and written (for designing and writing engaging reports which communicate recommendations and actions succinctly and clearly convey the message in a way which is appropriate for the audience, and rooted in the client's needs). A keen eye for detail and strong focus on encouraging quality work by all team members, and a constructive approach to developing and mentoring colleagues with those goals in mind. Experience of business development or sales, including leading bid teams, and experience of writing winning proposals and RFP responses. Experience helping clients effect substantial and complex business change, and experience of assuring or enabling change at scale is essential. Experience providing expert strategy, risk and technical advice, guidance and support on cyber security, both in business-as-usual and for live and planned projects within our clients' business. Broad range of cyber and information security skills, knowledge and experience, perhaps underpinned by a deeper SME in one of our key advisory practice areas (see ) or in one or more of the industries mentioned above. 
We welcome applications from candidates who have spent time working "in-house" in a relevant organisation, but it is likely that you will have gained at least some of your experience working in a business-oriented consulting environment where you have supported or provided advice to clients' senior business leaders, and relationship-based business development experience is essential. Industry and Location The "public sector" vertical in this team works with clients across industries, including: Government and Public Services Central Government Local Government Healthcare Public Sector Transport We welcome applications from candidates with experience in any combination of these industries, or specialists who have deep expertise and credibility in the cyber security agenda of one of them. We have major cyber practice hubs in six major cities across the UK, and these roles are likely to be based in: London (Charing Cross) Reading Birmingham Manchester or Edinburgh Depending on your experience and skillset and any industry vertical focus you may bring, we will however consider a base location at any of PwC's UK offices. We are a national practice which serves clients across the UK and EMEA, and willingness to travel to support client needs is essential; however we actively support and promote flexible and hybrid working consistent with business and client needs. What you will get Our purpose as a cyber security practice is to help solve complex problems and build a secure digital society. Within our practice, you will have the opportunity to broaden experience across industries, manage teams in delivering engagements at scale, build relationships with clients and senior groups, and be involved in big business changes. You'll contribute to delivering cyber security to some of the world's most iconic companies and brands, and to helping them to build their cyber defences, assure those defences and respond to incidents. 
Working in cyber security at PwC will give you unparalleled breadth of experience, and insight into how a wide range of client businesses work. You'll work in a team where we mix a supportive and collaborative culture with a challenging and high performance one. You'll be rewarded for your contribution and impact in building our business and delivering on our purpose. You'll be supported to develop your career by an experienced and close-knit team of Partners and Directors who will invest in your career and experience and provide you with mentoring and coaching to transition to PwC and grow your career in our firm. Risk We're a leading provider of trust in the digital world - in the eyes of our people, our clients and our stakeholders. Today's business environment is different. More complex. More connected. Companies not only face new and unknown risks, but also new and untapped opportunities. Our team is at the forefront of this change, join us to be a part of transforming how risk is perceived and capitalised on. Not the role for you? Did you know PwC offer flexible contract arrangements as well as contingent work (ie temporary or day rate contracting)? The skills we look for in future employees All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, 'The PwC Professional' and are made up of five core attributes; whole leadership, technical capabilities.....
Dec 08, 2021
Full time
Background PwC is a market leading provider of cyber security services to major organisations worldwide. Our global team of over 4,850 cybersecurity professionals includes specialised consultants, former law enforcement officials, forensic investigators, intelligence analysts, data scientists, legal professionals and industry leaders in cybersecurity and privacy. We are rated as a leader by multiple industry analysts for Global, EMEA and Asia-Pacific Cybersecurity Consulting services. Our multi-disciplined Cyber Incident Response (CIR) practice is central to this. Our team supports PwC's clients in crisis to prepare, respond and recover from cyber attacks, as well as reduce the risk of attacks by using the insights we have gained from being at the front-lines of investigating these attacks. Now is an exciting time to join the team and help shape and execute ambitious plans over the next 5 years. A key part of this will be increasing our capacity to help our clients prepare for and reduce the risk of attacks. This includes working with our clients' security operations teams to improve their ability to detect and respond to attacks, and with their IT teams to implement targeted technical improvements that increase "cost to the attacker". Our Cyber Incident Response practice works closely alongside many of our other front-line technical teams, including our global threat intelligence team, our Managed Cyber Defence threat hunting team and our ethical hacking practice. We also work with PwC's dedicated crisis coordination team to provide support to clients at all levels of their organisations. Experience We want team members with a strong technical understanding of how organisations can prevent, detect, assess and respond to cybersecurity threats and incidents, as well as how to build best of class incident response and security operations capabilities. 
We also want team members who will be passionate about developing and improving our technical consulting offerings using the insights gained from being at the front-lines of investigating these cyber attacks. You should have a proven ability to lead teams and projects to deliver improvements to security operations and incident response functions, across people, process and technology. You will have an in-depth understanding of the processes, techniques and tools used by security operations and incident response teams. We are also looking for team members with high levels of communication skills, as well as consulting and project management experience. You will also be able to easily flex between work with both technical client stakeholders, such as SOC analysts, as well as senior stakeholders such as a Head of SOCs, Head of Cyber Security or CIO. You will ideally have experience such as: Developing cyber incident response plans, playbooks and processes that allow security operations teams to rapidly and effectively respond to incidents; Collaborating with incident response teams to plan and deliver targeted remediation activities after cyber security incidents; Designing prevention, detection and response strategies for organisations based on threat actor tools, techniques and procedures; Building effective security operations capabilities and using purple team engagements to tune and validate detection tooling; Working collaboratively with IT teams to remediate vulnerabilities identified through red team engagements, penetration testing and vulnerability scanning; Planning and coordination of large-scale security incident response, remediation and recovery efforts involving multiple parties and teams; Acting as the subject matter expert or technical team lead for organisations in cyber crisis and data breach situations, and providing technical response strategy and execution support to enable them to successfully resolve, remediate, and recover from cyber security 
incidents. A robust understanding of: The typical techniques used by attackers, ranging from criminal to state affiliated groups. Preventing and detecting common attacker techniques and the MITRE ATT&CK framework; Tuning and configuring cyber security tools, for example SIEM and EDR tooling; How enterprise IT networks, Active Directory and Azure AD operate. Responsibilities We are looking for passionate, motivated and experienced individuals that can lead our work helping clients prepare for and reduce the risk of attacks. As this role would be part of our multidisciplinary Cyber Incident Response practice, this role would also include assisting the wider team to help clients respond to cyber security incidents and to manage our portfolio of cyber incident response retainers. Lead client engagements across our incident response services portfolio to help clients prepare for and reduce the risk of attacks, acting as the key point of contact for senior client stakeholders, setting direction for the project teams, and being accountable for the technical excellence of our delivery, examples include: Assessing organisations' ability to detect and respond to cyber attacks; Understanding organisations' vulnerability to specific cyber security threats; Delivering remediation projects for clients who have had cyber security incidents, and assisting in planning cyber transformations; Testing and improving cyber incident response plans, runbooks and processes; Designing and implementing improvements to our clients' detection tooling; Using purple teaming to tune and validate detection capabilities; and, Implementing targeted improvements to increase cost to the attacker. 
Contribute to capability development, proposition development and thought leadership initiatives; Provide mentoring and oversight to the incident response practice to help the team grow and develop; Collaborate and build relationships with PwC's wider Cyber Security practice, sharing insights gained from responding to incidents and helping other teams win and deliver work; Originate, cultivate and maintain relationships with existing and new clients, and support outreach and business development efforts in collaboration with other teams; Develop, enhance or refine the portfolio of incident response services in line with market trends, emerging threats, or opportunities for innovation or market disruption; Support the execution of our business strategy and growing PwC's reputation in the cyber security market, for example by taking on responsibility for relationships with third parties such as technology alliance partners; and, Play a key role in PwC's global incident response community to support knowledge sharing, practice development and to pursue opportunities in collaboration with global colleagues. . Risk We're a leading provider of trust in the digital world - in the eyes of our people, our clients and our stakeholders. Today's business environment is different. More complex. More connected. Companies not only face new and unknown risks, but also new and untapped opportunities. Our team is at the forefront of this change, join us to be a part of transforming how risk is perceived and capitalised on. Not the role for you? Did you know PwC offer flexible contract arrangements as well as contingent work (ie temporary or day rate contracting)? The skills we look for in future employees All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. 
These skills and behaviours make up our global leadership framework, 'The PwC Professional' and are made up of five core attributes; whole leadership, technical capabilities, business acumen, global acumen and relationships. Learn more here: The Deal We want all of our people to feel empowered to be the best that they can be, which is why we have 'The Deal'. Find out more about our firmwide Employee Value Proposition: Diversity Valuing Difference. Driving Inclusion. We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool because creating value through diversity is what makes us strong as a business, enabling us to solve important problems and deliver value to our clients. We encourage an inclusive culture where people can be themselves, are valued for their strengths and are empowered to be the best they can be. As an organisation with an increasingly agile workforce, we also support different ways of working offering flexible working arrangements. Learn more here about our work to support an inclusive culture.
Dec 08, 2021
Full time
Job Description:

Are you ready to unleash your potential?

We are in search of a Senior Cyber Defence Analyst to join our team.

This is an opportunity to join a team of highly skilled and innovative network defenders, and the best group of individuals out there.

Leidos' Cybersecurity Intelligence and Response Team (CSIRT) has an immediate opening for a motivated Senior Cyber Defence Analyst. Leidos is an international company made up of 35,000 employees that provides Defence, Intelligence and Health Products to our customers. Our goal is to stay ahead of, and maintain a technical advantage over, our adversaries using the latest technical advancements, including custom built cybersecurity capabilities.

Are you ready for your next career challenge?

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams in the UK to address some of the most complex problems in defence, government, safety and security, and transportation. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. If this sounds like the kind of environment where you can thrive, keep reading!

Primary Responsibilities:

As a key part of the team, your responsibilities will include threat hunting, and tactical analysis of ongoing attacks by criminal and nation state actors. You will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against Leidos' global networks.

You will be expected to "think like an adversary" and engage in threat hunting operations leveraging your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources, and provide reporting and briefings to other teams and leadership in order to maintain appropriate levels of situational awareness. In this position, you will have the ability to grow through training opportunities, conferences and collaboration with industry peers and adjacent parts of our business. You will be challenged and provided a tremendous opportunity for growth in a highly collaborative and supportive environment.

Duties include:
Analyse network and host activity associated with both successful and unsuccessful intrusions by advanced attackers
Perform network traffic analysis utilising raw packet data, net flow, IDS, and custom sensor output
Support enterprise incident response efforts
Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and add custom signatures that mitigate highly dynamic threats to the enterprise
Employ advanced forensic tools and techniques for attack reconstruction and intelligence gathering
Proactively research emerging cyber threats. Apply analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits
Contribute to threat intelligence reports and briefings that provide situational awareness of cyber threats impacting the company's global network infrastructure, to every level of the organisation
Participate in threat hunt operations using known adversary tactics, techniques and procedures, as well as indicators of attack, in order to detect advanced threats to the enterprise
Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals
Provide on-call support for incident response efforts outside of core hours, as needed
Mentor junior analysts technically and conceptually
Collect, create and disseminate threat intelligence
Lead small groups within the team for discernible tasks, including projects and incident response
Drive advanced countermeasures through to completion
Understanding and educating the team about defending new threat vectors

Required Qualifications:
Experience in conventional network/host-based intrusion analysis, digital forensics, or malware analysis
Experience performing "deep dive" analysis and correlation of log data from multiple sources including PCAP and forensic artifacts
Experience leading and contributing to incident response activities
Strong understanding of Operating Systems and Network Protocols
Proficiency with Microsoft Windows administrative tools, and the Unix/Linux command line

Preferred Qualifications:
Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
Experience with Splunk (preferred) or other SIEM-type platform
Capable and comfortable communicating actionable threat intelligence to both technical and executive-level stakeholders
Familiarity with common languages (like Perl and Python) to parse logs, automate processes, and integrate systems
Previous experience as Threat Researcher and/or Intelligence Analyst
Experience with dynamic malware analysis, and reverse engineering
Experience in cryptography or cryptanalysis
Experience in cyber security engineering
Experience defending large cloud infrastructures (AWS, Azure, etc.)
Ability to create, modify, and implement both Snort and YARA signatures
Published research papers at conferences or through other mediums (blogs, articles)
Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques
A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats
Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports

Clearance Required:
Clearance to Start: SC
Clearance for Role: SC

What do we do for you?:

At Leidos we are PASSIONATE about customer success, UNITED as a team and INSPIRED to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance.

We provide an employment package that attracts, develops and retains only the best in talent. Our reward scheme includes:
Contributory Pension Scheme
Private Medical Insurance
33 days Annual Leave (including public and privilege holidays)
Access to Flexible benefits (including life assurance, health schemes, childcare vouchers and cycle to work scheme)
Dynamic Working: to Diversity:

We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture. We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone.

If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs.

Pay Range:
Dec 08, 2021
Full time
Background

PwC is a market leading provider of cyber security services to major organisations worldwide. Our global team of over 4,850 cybersecurity professionals includes specialised consultants, former law enforcement officials, forensic investigators, intelligence analysts, data scientists, legal professionals and industry leaders in cybersecurity and privacy. We are rated as a leader by multiple industry analysts for Global, EMEA and Asia-Pacific Cybersecurity Consulting services.

Our Cyber Incident Response practice is central to this. Our team supports PwC's clients in crisis across our global network to respond, remediate and recover from cyber attacks. We are accredited by the UK National Cyber Security Centre under the Cyber Incident Response scheme, to respond to sophisticated attacks on networks of national significance. Recent incidents we have responded to include human operated ransomware attacks on some of the world's largest corporates and state-sponsored intrusions at small NGOs.

Now is an exciting time to join the team and help shape and execute ambitious plans over the next 5 years. Our Cyber Incident Response practice works closely alongside many of our other front-line technical teams to deliver an end-to-end incident response capability to clients, including our global threat intelligence team, our Managed Cyber Defence threat hunting team and our ethical hacking practice. We also work with PwC's dedicated crisis coordination team to provide support to clients at all levels of their organisations.

Experience

We're looking for passionate, motivated and experienced incident and crisis leaders. We want team members with a strong technical understanding of how to respond to cyber attacks and assist organisations with remediation and recovery. You should have a proven ability to lead teams investigating intrusions and data breaches, as well as helping senior stakeholders through challenging situations. We are also looking for leaders excited about being a part of ambitious growth plans, with experience leading practice and capability development, defining innovative strategies for commercial growth, and in mentoring and leading high performing teams.

You will ideally have experience such as:
Acting as a trusted advisor to senior stakeholders (CISO, CIO, CTO etc.) in crisis and breach situations, and providing strategy and decision support to enable them to successfully resolve and remediate security incidents, or rapidly recover IT environments after ransomware attacks.
Planning and coordination of large-scale security incident response efforts involving multiple parties and teams, aligned to good practice methodologies.
Formal line management responsibilities for technical crisis response or investigative teams.
Coordinating written and verbal briefings to a variety of audiences, including boards, law enforcement, intelligence agencies, insurers, or legal counsel.
A robust understanding of the principles of: digital forensics, technical incident response and remediation/containment strategies; crisis and incident lifecycle management methodologies; enterprise security operations capabilities and tooling; enterprise IT networks and Active Directory; cloud services such as Azure, GCP, and AWS; and, common attacker techniques and associated frameworks (such as MITRE ATT&CK).
Familiarity with, or experience delivering, incident readiness and preparedness services, such as tabletop exercises, threat briefings, incident playbooks or runbooks, and capability gap analysis.

Responsibilities

Lead client engagements across our reactive and proactive incident response services portfolio, acting as the key point of contact for senior client stakeholders, setting direction for the project teams, and being accountable for the technical excellence of our delivery;
Provide oversight, challenge and input to capability development, proposition development and thought leadership initiatives;
Provide mentoring and oversight to the incident response practice to help the team grow and develop;
Act as a leader within PwC's wider Cyber Security practice, sharing insights gained from responding to incidents and helping other teams win and deliver work;
Originate, cultivate and maintain relationships with clients and prospects, and support outreach and business development efforts in collaboration with other teams, such as our Threat Intelligence practice;
Develop, enhance or refine the portfolio of incident response services in line with market trends, emerging threats, or opportunities for innovation or market disruption;
Shape business strategy and its execution, for example through relationships with law firms, insurers, or technology alliance partners; and,
Play a key role in PwC's global incident response community to support knowledge sharing, practice development and to pursue opportunities in collaboration with global colleagues.
Help to grow PwC's reputation in the cyber security market, building trusted relationships with clients and external partners.

Risk

We're a leading provider of trust in the digital world - in the eyes of our people, our clients and our stakeholders. Today's business environment is different. More complex. More connected. Companies not only face new and unknown risks, but also new and untapped opportunities. Our team is at the forefront of this change; join us to be a part of transforming how risk is perceived and capitalised on.

Not the role for you?

Did you know PwC offer flexible contract arrangements as well as contingent work (i.e. temporary or day rate contracting)?

The skills we look for in future employees

All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, 'The PwC Professional', and are made up of five core attributes: whole leadership, technical capabilities, business acumen, global acumen and relationships. Learn more here:

The Deal

We want all of our people to feel empowered to be the best that they can be, which is why we have 'The Deal'. Find out more about our firmwide Employee Value Proposition:

Diversity

Valuing Difference. Driving Inclusion. We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool because creating value through diversity is what makes us strong as a business, enabling us to solve important problems and deliver value to our clients. We encourage an inclusive culture where people can be themselves, are valued for their strengths and are empowered to be the best they can be. As an organisation with an increasingly agile workforce, we also support different ways of working, offering flexible working arrangements. Learn more here about our work to support an inclusive culture.
Dec 07, 2021
Full time
Background PwC is a market leading provider of cyber security services to major organisations worldwide. Our global team of over 4,850 cybersecurity professionals includes specialised consultants, former law enforcement officials, forensic investigators, intelligence analysts, data scientists, legal professionals and industry leaders in cybersecurity and privacy. We are rated as a leader by multiple industry analysts for Global, EMEA and Asia-Pacific Cybersecurity Consulting services. Our Cyber Incident Response practice is central to this. Our team supports PwC's clients in crisis across our global network to respond, remediate and recover from cyber attacks. We are accredited by the UK National Cyber Security Centre under the Cyber Incident Response scheme, to respond to sophisticated attacks on networks of national significance. Recent incidents we have responded to include human operated ransomware attacks on some of the world's largest corporates and state-sponsored intrusions at small NGOs. Now is an exciting time to join the team and help shape and execute ambitious plans over the next 5 years. Our Cyber Incident Response practice works closely alongside many other of our front-line technical teams to deliver an end to end incident response capability to clients, including our global threat intelligence team, our Managed Cyber Defence threat hunting team and our ethical hacking practice. We also work with PwC's dedicated crisis coordination team to provide support to clients at all levels of their organisations. Experience We're looking for passionate, motivated and experienced incident and crisis leaders. We want team members with a strong technical understanding of how to respond to cyber attacks and assist organisations with remediation and recovery. You should have a proven ability to lead teams investigating intrusions and data breaches, as well as helping senior stakeholders through challenging situations. 
We are also looking for leaders excited about being a part of ambitious growth plans, with experience leading practice and capability development, defining innovative strategies for commercial growth, and in mentoring and leading high performing teams. You will ideally have experience such as: Acting as a trusted advisor to senior stakeholders (CISO, CIO, CTO etc.) in crisis and breach situations, and providing strategy and decision support to enable them to successfully resolve and remediate security incidents, or rapidly recover IT environments after ransomware attacks. Planning and coordination of large-scale security incident response efforts involving multiple parties and teams, aligned to good practice methodologies. Formal line management responsibilities for technical crisis response or investigative teams. Coordinating written and verbal briefings to a variety of audiences, including boards, law enforcement, intelligence agencies, insurers, or legal counsel. A robust understanding of the principles of: digital forensics, technical incident response and remediation/containment strategies; crisis and incident lifecycle management methodologies; enterprise security operations capabilities and tooling; enterprise IT networks and Active Directory; cloud services such as Azure, GCP, and AWS; and, common attacker techniques and associated frameworks (such as MITRE ATT&CK). Familiarity with, or experience delivering, incident readiness and preparedness services, such as tabletop exercises, threat briefings, incident playbooks or runbooks, and capability gap analysis. 
Description Job Description: Are you ready to unleash your potential? We are in search of a Senior Cyber Defence Analyst to join our team. This is an opportunity to join a team of highly skilled and innovative network defenders, and the best group of individuals out there. Leidos' Cybersecurity Intelligence and Response Team (CSIRT) has an immediate opening for a motivated Senior Cyber Defence Analyst. Leidos is an international company made up of 35,000 employees that provides Defence, Intelligence and Health Products to our customers. Our goal is to stay ahead of, and maintain a technical advantage over our adversaries using the latest technical advancements, including custom built cybersecurity capabilities. Are you ready for your next career challenge? At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams in the UK to address some of the most complex problems in defence, government, safety and security, and transportation. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. If this sounds like the kind of environment where you can thrive, keep reading! Primary Responsibilities: As a key part of the team, your responsibilities will include threat hunting, and tactical analysis of ongoing attacks by criminal and nation state actors. You will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against Leidos' global networks. 
You will be expected to "think like an adversary" and engage in threat hunting operations leveraging your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources, and provide reporting and briefings to other teams and leadership in order to maintain appropriate levels of situational awareness. In this position, you will have the ability to grow through training opportunities, conferences and collaboration with industry peers and adjacent parts of our business. You will be challenged and provided a tremendous opportunity for growth in a highly collaborative and supportive environment.
Duties include: Analyse network and host activity associated with both successful and unsuccessful intrusions by advanced attackers; Perform network traffic analysis utilising raw packet data, net flow, IDS, and custom sensor output; Support enterprise incident response efforts; Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and add custom signatures that mitigate highly dynamic threats to the enterprise; Employ advanced forensic tools and techniques for attack reconstruction and intelligence gathering; Proactively research emerging cyber threats; Apply analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits; Contribute to threat intelligence reports and briefings that provide situational awareness of cyber threats impacting the company's global network infrastructure, to every level of the organisation; Participate in threat hunt operations using known adversary tactics, techniques and procedures, as well as indicators of attack, in order to detect advanced threats to the enterprise; Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals; Provide on-call support for incident response efforts outside of core hours, as needed; Mentor junior analysts technically and conceptually; Collect, create and disseminate threat intelligence; Lead small groups within the team for discernable tasks, including projects and incident response; Drive advanced countermeasures through to completion; Understanding and educating the team about defending new threat vectors.
Required Qualifications: Experience in conventional network/host-based intrusion analysis, digital forensics, or malware analysis; Experience performing "deep dive" analysis and correlation of log data from multiple sources including PCAP and forensic artifacts; Experience leading and contributing to incident response activities; Strong understanding of Operating Systems and Network Protocols; Proficiency with Microsoft Windows administrative tools, and the Unix/Linux command line.
Preferred Qualifications: Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc; Experience with Splunk (preferred) or other SIEM-type platform; Capable and comfortable communicating actionable threat intelligence to both technical and executive-level stakeholders; Familiarity with common languages (like Perl and Python) to parse logs, automate processes, and integrate systems; Previous experience as Threat Researcher and/or Intelligence Analyst; Experience with dynamic malware analysis, and reverse engineering; Experience in cryptography or cryptanalysis; Experience in cyber security engineering; Experience defending large cloud infrastructures (AWS, Azure, etc.); Ability to create, modify, and implement both Snort and YARA signatures; Published research papers at conferences or through other mediums (blogs, articles); Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques; A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats; Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports.
Clearance Required: Clearance to Start: SC; Clearance for Role: SC.
What do we do for you?: At Leidos we are PASSIONATE about customer success, UNITED as a team and INSPIRED to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance. We provide an employment package that attracts, develops and retains only the best in talent. Our reward scheme includes: • Contributory Pension Scheme • Private Medical Insurance • 33 days Annual Leave (including public and privilege holidays) • Access to Flexible benefits (including life assurance, health schemes, childcare vouchers and cycle to work scheme) • Dynamic Working:
Commitment to Diversity: We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture. We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone. 
If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs. Pay Range:
Dec 07, 2021
Full time
Malvern
QinetiQ provides Cyber Security capability to Government and commercial clients in sectors such as Defence, Critical Infrastructure and Finance. We are looking to appoint (more than one) operational Security Manager(s) able to take responsibility for the day to day operational cyber security activity across an organisation or programme in accordance with an information security management system (ISMS), for example ISO27001 or a similar government accredited security management system. Reporting to a head of operations or similar and supported by an experienced cyber security functional Leader, who will support your professional and personal development, your responsibilities may include: Manage operational processes defined in the ISMS; Monitor and test security controls and gather evidence of compliance in support of audit; Maintain security documentation required by the ISMS; Review operation of ISMS processes and policies identifying opportunities for continuous improvement and to support learning from experience; Collaborate with senior operations & security managers to update ISMS processes and policies; Manage security incidents including local triage and escalation where required; Engage with the wider operational management community for effective integration of business continuity planning, security incident response and disaster recovery with the ISMS; Support maintenance of certifications/accreditations (e.g. ISO27001 or similar); Supporting reviews with external accreditation bodies; Collaborating to resolve problems with internal and external stakeholders; Encouraging positive security culture in the community subject to the security management system, driving continuous improvement and addressing non-compliances constructively to achieve intended business outcome and maintain external accreditation.
The Fit: We are interested in hearing from operational Security Management professionals who have experience of ISO27001 or similar government system of security management and accreditation. You will be passionate about your own personal development. QinetiQ supports membership of an appropriate professional body and we invest in your professional development. Successful candidates will be expected to achieve SC clearance as a minimum. We look for outstanding technical people, creative and analytical thinkers, decision makers, influencers and excellent communicators. Join us today. Please apply via the link.
Why join QinetiQ? As we continue to grow into new markets around the world, there's never been a more exciting time to join QinetiQ. The formula for success is our appetite for innovation and having the courage to take on a wide variety of complex challenges. You'll experience a unique working environment where teams from different backgrounds, disciplines and experience enjoy collaborating widely and openly as we undertake this exciting and rewarding journey. Through effective teamwork, and pulling together, you'll get to experience what happens when we all share different perspectives, blend disciplines, and link technologies; constantly discovering new ways of solving complex problems in a diverse and inclusive environment where you can be authentic, feel valued and realise your full potential. Read more about our diverse and inclusive workplace culture here. Joining QinetiQ offers you an opportunity to work on a broad range of interesting defence-based projects with vast career progression across a global organisation in addition to competitive personal and professional benefits. You'll receive a highly competitive salary and benefits package: our basic salaries are very attractive as we constantly review what's happening in the market. The range of benefits that we offer includes adaptive and flexible working, generous holiday entitlements, Health Cash Plan, Private Medical Insurance and Dental Insurance and much more.
About QinetiQ
As a company of over 6,000 dedicated professionals, we are a world-centre of excellence in research and development and act as a catalyst for fast-track innovation, offering outstanding experimentation facilities, and technical, engineering and scientific expertise. QinetiQ is made up of dedicated experts in defence, aerospace, security and related markets, all working together to explore new ways of protecting what matters most. Being part of QinetiQ means being central to the safety and security of the world around us. Partnering with our customers, we help to save lives; reduce risks to society; and maintain the global infrastructure on which we all depend. Come and find out how you can play a role. Please note that many roles in QinetiQ are subject to national security vetting. Applicants that already hold the appropriate level of vetting may be able to transfer it upon appointment, subject to approval. A number of roles are also subject to restrictions on access to information that mean factors such as nationality, previous nationalities held and the country in which you were born may have an effect on the roles that you can be employed in.
Dec 06, 2021
Full time
PwC PwC is a market leading provider of cyber security services to major organisations worldwide. Our global team of cybersecurity professionals includes former law enforcement officials, forensic investigators, intelligence analysts, data scientists, malware analysts, legal professionals and industry leaders in cybersecurity and privacy. We are rated as a leader by multiple industry analysts for Global, EMEA and Asia-Pacific Cybersecurity Consulting services. Our Cyber Incident Response practice is central to this. Our team supports PwC's clients in crisis across our global network to respond, remediate and recover from cyber attacks. The technical work we conduct helps clients to understand how an incident occurred and how to effectively respond. We also assist clients to prepare (before incidents) and recover (after incidents) through a variety of complementary technical services. We are accredited by the UK National Cyber Security Centre under the Cyber Incident Response scheme, to respond to sophisticated attacks on networks of national significance. Recent incidents we have responded to include human-operated ransomware attacks on some of the world's largest corporations, and state-sponsored intrusions at NGOs. Our investigation work spans cyber crime, corporate espionage and state affiliated threat actors. Our Cyber Incident Response practice works closely alongside many other of our front-line technical teams to deliver an end to end incident response capability to clients, including our global threat intelligence team, our threat hunting team and our ethical hacking practice. We also work with PwC's dedicated crisis coordination team to provide support to clients at all levels of their organisations. Experience We're looking for passionate and motivated incident responders at both Senior Analyst (Senior Associate) and Principal Analyst (Manager) to join our rapidly growing team. 
Our team members have a strong technical understanding of how to respond to cyber attacks, and help our clients across the whole lifecycle from preparation to investigation and remediation. You will ideally have skills & experience such as: A robust understanding of, and recent hands-on experience with: digital forensics and technical incident response; enterprise security operations capabilities and tooling; enterprise IT networks and Active Directory; and, cloud services such as Microsoft 365, Azure, GCP, and AWS. A keen eye for detail, and the ability to solve challenging technical problems. The capability to explain your technical findings to a variety of audiences, including non-technical individuals. An understanding of threat actors and techniques used to compromise organisations. The ability to build relationships with colleagues, other members of PwC and our clients. Familiarity with, or experience delivering, incident readiness and preparedness services, such as tabletop exercises, threat briefings, incident playbooks or runbooks, and capability gap analysis. Responsibilities Perform high quality technical analysis, helping our clients to understand what happened during a cyber security incident or data breach. Produce high quality output in a variety of formats, from daily update slides to full technical investigation reports. Work closely with clients to understand their needs and build lasting relationships. Contribute to capability development (including helping further improve our cloud-based analysis platform), proposition development and thought leadership initiatives. Work alongside client teams and ensure we manage risk appropriately throughout the project lifecycle, following PwC's processes for client and engagement acceptance. Risk We're a leading provider of trust in the digital world - in the eyes of our people, our clients and our stakeholders. Today's business environment is different. More complex. More connected. 
Companies not only face new and unknown risks, but also new and untapped opportunities. Our team is at the forefront of this change, join us to be a part of transforming how risk is perceived and capitalised on. Not the role for you? Did you know PwC offer flexible contract arrangements as well as contingent work (ie temporary or day rate contracting)? The skills we look for in future employees All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, 'The PwC Professional' and are made up of five core attributes; whole leadership, technical capabilities, business acumen, global acumen and relationships. Learn more here: The Deal We want all of our people to feel empowered to be the best that they can be, which is why we have 'The Deal'. Find out more about our firmwide Employee Value Proposition: Diversity Valuing Difference. Driving Inclusion. We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool because creating value through diversity is what makes us strong as a business, enabling us to solve important problems and deliver value to our clients. We encourage an inclusive culture where people can be themselves, are valued for their strengths and are empowered to be the best they can be. As an organisation with an increasingly agile workforce, we also support different ways of working offering flexible working arrangements. Learn more here about our work to support an inclusive culture.
Dec 05, 2021
Full time
Background PwC is a market leading provider of cyber security services to major organisations worldwide. Our global team of over 4,850 cybersecurity professionals includes specialised consultants, former law enforcement officials, forensic investigators, intelligence analysts, data scientists, legal professionals and industry leaders in cybersecurity and privacy. We are rated as a leader by multiple industry analysts for Global, EMEA and Asia-Pacific Cybersecurity Consulting services. Our Cyber Incident Response practice is central to this. Our team supports PwC's clients in crisis across our global network to respond, remediate and recover from cyber attacks. We are accredited by the UK National Cyber Security Centre under the Cyber Incident Response scheme, to respond to sophisticated attacks on networks of national significance. Recent incidents we have responded to include human operated ransomware attacks on some of the world's largest corporates and state-sponsored intrusions at small NGOs. Now is an exciting time to join the team and help shape and execute ambitious plans over the next 5 years. Our Cyber Incident Response practice works closely alongside many other of our front-line technical teams to deliver an end to end incident response capability to clients, including our global threat intelligence team, our Managed Cyber Defence threat hunting team and our ethical hacking practice. We also work with PwC's dedicated crisis coordination team to provide support to clients at all levels of their organisations. Experience We're looking for passionate, motivated and experienced incident and crisis responders. We want team members with a strong technical understanding of how to respond to cyber attacks and assist organisations with remediation and recovery, plus communication skills and project management experience. 
You should have a proven ability to lead teams investigating intrusions and data breaches, as well as helping technical client stakeholders, such as a Head of IT Security or CIO, through challenging situations. You will ideally have experience such as: Acting as the subject matter expert or technical team lead for organisations in cyber crisis and data breach situations, and providing technical response strategy and execution support to enable them to successfully resolve, remediate, and recover from cyber security incidents. Planning and coordination of large-scale security incident response efforts involving multiple parties and teams, aligned to good practice methodologies. Formal project management responsibilities (but not necessarily formal certification) for incident response cases, and leadership of the response team on those cases. Coordinating written and verbal briefings to a variety of audiences, including boards, law enforcement, intelligence agencies, insurers, or legal counsel. A robust understanding of, and recent hands-on experience with: digital forensics, technical incident response and remediation/containment strategies in enterprise networks; crisis and incident lifecycle management methodologies; enterprise security operations capabilities and tooling; enterprise IT networks and Active Directory; cloud services such as Azure, GCP, and AWS; and, common attacker techniques and associated frameworks (such as MITRE ATT&CK). Familiarity with, or experience delivering, incident readiness and preparedness services, such as tabletop exercises, threat briefings, incident playbooks or runbooks, and capability gap analysis. 
Responsibilities Lead client engagements across our reactive and proactive incident response services portfolio, acting as the key point of contact for senior client stakeholders, setting direction for the project teams, and being accountable for the technical excellence of our delivery; Contribute to capability development, proposition development and thought leadership initiatives; Provide mentoring and oversight to the incident response practice to help the team grow and develop; Collaborate and build relationships with PwC's wider Cyber Security practice, sharing insights gained from responding to incidents and helping other teams win and deliver work; Originate, cultivate and maintain relationships with clients and prospects, and support outreach and business development efforts in collaboration with other teams, such as our Threat Intelligence practice; Develop, enhance or refine the portfolio of incident response services in line with market trends, emerging threats, or opportunities for innovation or market disruption; Support the execution of our business strategy, for example by taking on responsibility for relationships with law firms, insurers, or technology alliance partners; and, Play a key role in PwC's global incident response community to support knowledge sharing, practice development and to pursue opportunities in collaboration with global colleagues. Help to grow PwC's reputation in the cyber security market, building trusted relationships with clients and external partners. Risk We're a leading provider of trust in the digital world - in the eyes of our people, our clients and our stakeholders. Today's business environment is different. More complex. More connected. Companies not only face new and unknown risks, but also new and untapped opportunities. Our team is at the forefront of this change, join us to be a part of transforming how risk is perceived and capitalised on. Not the role for you? 
Did you know PwC offer flexible contract arrangements as well as contingent work (ie temporary or day rate contracting)? The skills we look for in future employees All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, 'The PwC Professional' and are made up of five core attributes; whole leadership, technical capabilities, business acumen, global acumen and relationships. Learn more here: The Deal We want all of our people to feel empowered to be the best that they can be, which is why we have 'The Deal'. Find out more about our firmwide Employee Value Proposition: Diversity Valuing Difference. Driving Inclusion. We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool because creating value through diversity is what makes us strong as a business, enabling us to solve important problems and deliver value to our clients. We encourage an inclusive culture where people can be themselves, are valued for their strengths and are empowered to be the best they can be. As an organisation with an increasingly agile workforce, we also support different ways of working offering flexible working arrangements. Learn more here about our work to support an inclusive culture.
Dec 05, 2021
Full time
Security Operations Manager Malvern QinetiQ provides Cyber Security capability to Government and commercial clients in sectors such as Defence, Critical Infrastructure and Finance. We are looking to appoint (more than one) operational Security Manager(s) able to take responsibility for the day to day operational cyber security activity across an organisation or programme in accordance with an information security management system (ISMS), for example ISO27001 or a similar government accredited security management system. Reporting to a head of operations or similar and supported by an experienced cyber security functional Leader, who will support your professional and personal development, your responsibilities may include: Manage operational processes defined in the ISMS; Monitor and test security controls and gather evidence of compliance in support of audit; Maintain security documentation required by the ISMS; Review operation of ISMS processes and policies identifying opportunities for continuous improvement and to support learning from experience; Collaborate with senior operations & security managers to update ISMS processes and policies; Manage security incidents including local triage and escalation where required; Engage with the wider operational management community for effective integration of business continuity planning, security incident response and disaster recovery with the ISMS; Support maintenance of certifications/accreditations (e.g. ISO27001 or similar); Supporting reviews with external accreditation bodies; Collaborating to resolve problems with internal and external stakeholders; Encouraging positive security culture in the community subject to the security management system, driving continuous improvement and addressing non-compliances constructively to achieve intended business outcome and maintain external accreditation. 
The Fit: We are interested in hearing from operational Security Management professionals who have experience of ISO27001 or similar government system of security management and accreditation. You will be passionate about your own personal development. QinetiQ will support membership of an appropriate professional body and we invest in your professional development. Successful candidates will be expected to achieve SC clearance as a minimum. We look for outstanding technical people, creative and analytical thinkers, decision makers, influencers and excellent communicators. Join us today. Please apply via the link. Why join QinetiQ? As we continue to grow into new markets around the world, there's never been a more exciting time to join QinetiQ. The formula for success is our appetite for innovation and having the courage to take on a wide variety of complex challenges. You'll experience a unique working environment where teams from different backgrounds, disciplines and experience enjoy collaborating widely and openly as we undertake this exciting and rewarding journey. Through effective teamwork, and pulling together, you'll get to experience what happens when we all share different perspectives, blend disciplines, and link technologies; constantly discovering new ways of solving complex problems in a diverse and inclusive environment where you can be authentic, feel valued and realise your full potential. Read more about our diverse and inclusive workplace culture here. 
Joining QinetiQ offers you an opportunity to work on a broad range of interesting defence-based projects with vast career progression across a global organisation in addition to competitive personal and professional benefits. You'll receive a highly competitive salary and benefits package: our basic salaries are very attractive as we constantly review what's happening in the market. The range of benefits that we offer include, adaptive and flexible working, generous holiday entitlements, Health Cash Plan, Private Medical Insurance and Dental Insurance and much more. About QinetiQ As a company of over 6,000 dedicated professionals, we are a world-centre of excellence in research and development and act as a catalyst for fast-track innovation, offering outstanding experimentation facilities, and technical, engineering and scientific expertise. QinetiQ is made up of dedicated experts in defence, aerospace, security and related markets, all working together to explore new ways of protecting what matters most. Being part of QinetiQ means being central to the safety and security of the world around us. Partnering with our customers, we help to save lives; reduce risks to society; and maintain the global infrastructure on which we all depend. Come and find out how you can play a role. Please note that many roles in QinetiQ are subject to national security vetting. Applicants that already hold the appropriate level of vetting may be able to transfer it upon appointment, subject to approval. A number of roles are also subject to restrictions on access to information that mean factors such as nationality, previous nationalities held and the country in which you were born may have an effect on the roles that you can be employed in.
Dec 01, 2021
Full time