Job Title: Digital Operations Manager/ IT Manager/IT Operations Support Manager Location: London Department: Digital Operations Salary: 60-70k + Benefits Company Overview: We are dedicated to shaping the future of digital infrastructure and services. We are seeking a highly motivated and experienced Digital Operations Manager to oversee the daily operations of our digital ecosystem, ensuring top-tier performance, security, and compliance. This is an exciting opportunity to lead a dynamic team and drive the success of our digital projects. As the Digital Operations Manager, you will play a pivotal role in maintaining the integrity of our IT systems, collaborating closely with cross-functional teams, and ensuring our digital operations meet the highest standards. Key Responsibilities: Team Leadership and Management: Lead, mentor, and manage a diverse team of IT professionals including an Application Support Specialist, Technical Project Manager, Cyber Security and Compliance Analyst, and End-to-End QA Specialist. Allocate resources efficiently to ensure timely and successful project delivery. Conduct regular performance reviews and provide ongoing feedback to foster growth and development within the team. Operational Oversight: Oversee the daily operations of digital systems, applications, and infrastructure. Ensure high availability and performance of all IT services and applications. Implement and maintain monitoring systems to proactively identify and resolve issues. Application Support: Manage application support activities to ensure the prompt resolution of incidents and service requests. Collaborate with the Application Support Manager to develop and implement effective support processes and documentation. Ensure all applications are updated, patched, and maintained in line with best practices. Technical Project Management: Oversee the planning, execution, and delivery of technical projects. Work closely with the Technical Project Manager to ensure projects are completed on time, within scope, and budget. Facilitate communication and collaboration between project teams and stakeholders. Cyber Security and Compliance: Ensure the implementation and adherence to cyber security policies and procedures. Collaborate with the Cyber Security and Compliance resources to conduct regular security assessments and audits. Manage compliance with relevant regulations and standards, such as GDPR and Cyber Essentials Plus. Quality Assurance: Oversee the end-to-end quality assurance process for all digital products and services. Work with the End-to-End QA Specialist to develop comprehensive test plans and ensure thorough testing. Ensure quality assurance processes are followed to maintain high standards. Strategic Planning and Improvement: Develop and implement strategies to enhance digital operations and IT service delivery. Identify opportunities for process optimisation and efficiency gains. Stakeholder Communication: Act as the primary point of contact for all digital operations-related matters. Provide regular updates to senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain incident response plans and procedures. Requirements: Proven experience as a Digital Operations Manager, IT Manager, Support Manager, or similar role. Strong leadership and team management skills with the ability to mentor and inspire a diverse team. Excellent understanding of IT infrastructure, application support, and digital operations. Demonstrated experience in managing technical projects and ensuring successful delivery. In-depth knowledge of cyber security principles and compliance requirements. Strong understanding of quality assurance processes and methodologies. Exceptional problem-solving and analytical abilities. Excellent communication and interpersonal skills, with the ability to engage effectively with stakeholders at all levels. Familiarity with IT service management (ITSM) frameworks such as ITIL. Relevant certifications (e.g., PMP, CISSP, ITIL) are advantageous. What We Offer: Competitive salary and benefits package. A dynamic, collaborative work environment with opportunities for professional development and growth. A chance to lead and shape the future of digital operations People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas.
Jul 02, 2025
Full time
Job Title: Digital Operations Manager/ IT Manager/IT Operations Support Manager Location: London Department: Digital Operations Salary: 60-70k + Benefits Company Overview: We are dedicated to shaping the future of digital infrastructure and services. We are seeking a highly motivated and experienced Digital Operations Manager to oversee the daily operations of our digital ecosystem, ensuring top-tier performance, security, and compliance. This is an exciting opportunity to lead a dynamic team and drive the success of our digital projects. As the Digital Operations Manager, you will play a pivotal role in maintaining the integrity of our IT systems, collaborating closely with cross-functional teams, and ensuring our digital operations meet the highest standards. Key Responsibilities: Team Leadership and Management: Lead, mentor, and manage a diverse team of IT professionals including an Application Support Specialist, Technical Project Manager, Cyber Security and Compliance Analyst, and End-to-End QA Specialist. Allocate resources efficiently to ensure timely and successful project delivery. Conduct regular performance reviews and provide ongoing feedback to foster growth and development within the team. Operational Oversight: Oversee the daily operations of digital systems, applications, and infrastructure. Ensure high availability and performance of all IT services and applications. Implement and maintain monitoring systems to proactively identify and resolve issues. Application Support: Manage application support activities to ensure the prompt resolution of incidents and service requests. Collaborate with the Application Support Manager to develop and implement effective support processes and documentation. Ensure all applications are updated, patched, and maintained in line with best practices. Technical Project Management: Oversee the planning, execution, and delivery of technical projects. Work closely with the Technical Project Manager to ensure projects are completed on time, within scope, and budget. Facilitate communication and collaboration between project teams and stakeholders. Cyber Security and Compliance: Ensure the implementation and adherence to cyber security policies and procedures. Collaborate with the Cyber Security and Compliance resources to conduct regular security assessments and audits. Manage compliance with relevant regulations and standards, such as GDPR and Cyber Essentials Plus. Quality Assurance: Oversee the end-to-end quality assurance process for all digital products and services. Work with the End-to-End QA Specialist to develop comprehensive test plans and ensure thorough testing. Ensure quality assurance processes are followed to maintain high standards. Strategic Planning and Improvement: Develop and implement strategies to enhance digital operations and IT service delivery. Identify opportunities for process optimisation and efficiency gains. Stakeholder Communication: Act as the primary point of contact for all digital operations-related matters. Provide regular updates to senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain incident response plans and procedures. Requirements: Proven experience as a Digital Operations Manager, IT Manager, Support Manager, or similar role. Strong leadership and team management skills with the ability to mentor and inspire a diverse team. Excellent understanding of IT infrastructure, application support, and digital operations. Demonstrated experience in managing technical projects and ensuring successful delivery. In-depth knowledge of cyber security principles and compliance requirements. Strong understanding of quality assurance processes and methodologies. Exceptional problem-solving and analytical abilities. Excellent communication and interpersonal skills, with the ability to engage effectively with stakeholders at all levels. Familiarity with IT service management (ITSM) frameworks such as ITIL. Relevant certifications (e.g., PMP, CISSP, ITIL) are advantageous. What We Offer: Competitive salary and benefits package. A dynamic, collaborative work environment with opportunities for professional development and growth. A chance to lead and shape the future of digital operations People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas.
Sorry, applications for this particular Job have now closed. We're seeking an experienced Cyber Defence Manager to safeguard our digital infrastructure View job & apply Location: Frankfurt Salary: 145,000 + Benefits Sector: Banking, Asset Management & Funds We're hiring an experienced IAM Lead to take ownership of identity governance and access controls View job & apply Location: Frankfurt Salary: 145000 + Benefits Job type: Permanent Sector: Banking, Asset Management & Funds A growing investment firm headquartered in Frankfurt is looking to appoint a senior IT Governance View job & apply Location: Fully Remote Job type: Contract Position Overview: Fast growing FinTech seeking a highly motivated and technically capable DevSecO View job & apply SOC Manager Location: Fully Remote Job type: Contract Position Overview: Rapidly growing FinTech company seeking an accomplished Cybersecurity Operations View job & apply Location: Greater London Job type: Permanent Financial Service firm seeks an Incident Response Manager to join their CIRT team. This role plays View job & apply Location: Frankfurt Salary: 120,000 + Benefits Job type: Permanent Sector: Banking, Asset Management & Funds A fast-growing investment firm based in Frankfurt is looking for a motivated IT Governance & View job & apply Technical IAM Consultant Location: London when needed Job type: Contract Technical IAM Consultant required for a global financial services firm. This role encompasses strat View job & apply Location: Frankfurt Job type: Permanent We're hiring an experienced IAM Manager to take ownership of identity governance and access View job & apply Zero Trust Architect Location: Fully Remote Job type: Contract Position Overview: Leading FinTech company seeking a Zero Trust Architect to design and implement Cyber Security Vulnerability Management Analyst Cyber Security Vulnerability Management Analyst required for a market leading financial services firm. It's a great opportunity to get to work with industry-leading tools and security partners, to enhance your analytical, technical and communication skills, and to really make a difference to our customers and colleagues. This role will contribute to the development, maintenance and overall delivery of Vulnerability Management controls for the Bank, reporting to the Vulnerability Management Lead. The Vulnerability Management Analyst will contribute to the day-to-day running of the team, assisting Specialists with managing the Bank's Vulnerability Management controls and providing security input for vulnerabilities which threaten the organisation. Experience Understanding of vulnerability lifecycles, standards and ratings Risk assessing findings to determine appropriate response with a proactive approach to recording, management and escalation of risks Increasing the quality of vulnerability reporting automation to reduce manual effort Advanced analytical and problem-solving techniques with practical experience of Scripting with Python & Power BI Providing advice on appropriate Vulnerability Management controls across technical disciplines, with experience of Windows or RHEL OS platforms and an understanding of patching processes and automation options IT and Information Security best practice Team working and the ability to be self-directed on task completion Demonstrating a professional can-do attitude and high levels of motivation Working under pressure, managing multiple priorities in a rapidly changing and dynamic environment Collaborating with internal and external parties to provide excellent outcomes and customer service We would like you to have Knowledge of vulnerability scanning technologies Experience in analysis of vulnerabilities identified against one of infrastructure, assets or code Working knowledge of the Qualys application and its core modules Self-driven qualities and ability to work independently as well as part of a team Strong interpersonal and influencing skills with the ability to influence and drive change in a collaborative way The ability to engage stakeholders to influence decisions to improve security across the company Industry-related security qualification (eg CISSP, CISM) or equivalent practical security experience Experience in improvement programmes to reduce risk, increase quality and reduce manual effort, and delivering control improvements across multiple technical disciplines Knowledge of ITIL framework, including risk and change management We seek individuals from a diverse talent pool and encourage applicants from underrepresented groups to apply to our vacancies. Our commitment to fair recruitment processes means that we welcome applicants from all backgrounds, regardless of their lived experience or personal characteristics. We also invite applicants who meet most of the listed requirements, even if not all, to apply. If you require any adjustments to the application process, please let us know. Barclay Simpson acts as an Employment Agency for permanent positions and an Employment Business for temporary/contract engagements.
Jun 28, 2025
Full time
Sorry, applications for this particular Job have now closed. We're seeking an experienced Cyber Defence Manager to safeguard our digital infrastructure View job & apply Location: Frankfurt Salary: 145,000 + Benefits Sector: Banking, Asset Management & Funds We're hiring an experienced IAM Lead to take ownership of identity governance and access controls View job & apply Location: Frankfurt Salary: 145000 + Benefits Job type: Permanent Sector: Banking, Asset Management & Funds A growing investment firm headquartered in Frankfurt is looking to appoint a senior IT Governance View job & apply Location: Fully Remote Job type: Contract Position Overview: Fast growing FinTech seeking a highly motivated and technically capable DevSecO View job & apply SOC Manager Location: Fully Remote Job type: Contract Position Overview: Rapidly growing FinTech company seeking an accomplished Cybersecurity Operations View job & apply Location: Greater London Job type: Permanent Financial Service firm seeks an Incident Response Manager to join their CIRT team. This role plays View job & apply Location: Frankfurt Salary: 120,000 + Benefits Job type: Permanent Sector: Banking, Asset Management & Funds A fast-growing investment firm based in Frankfurt is looking for a motivated IT Governance & View job & apply Technical IAM Consultant Location: London when needed Job type: Contract Technical IAM Consultant required for a global financial services firm. This role encompasses strat View job & apply Location: Frankfurt Job type: Permanent We're hiring an experienced IAM Manager to take ownership of identity governance and access View job & apply Zero Trust Architect Location: Fully Remote Job type: Contract Position Overview: Leading FinTech company seeking a Zero Trust Architect to design and implement Cyber Security Vulnerability Management Analyst Cyber Security Vulnerability Management Analyst required for a market leading financial services firm. It's a great opportunity to get to work with industry-leading tools and security partners, to enhance your analytical, technical and communication skills, and to really make a difference to our customers and colleagues. This role will contribute to the development, maintenance and overall delivery of Vulnerability Management controls for the Bank, reporting to the Vulnerability Management Lead. The Vulnerability Management Analyst will contribute to the day-to-day running of the team, assisting Specialists with managing the Bank's Vulnerability Management controls and providing security input for vulnerabilities which threaten the organisation. Experience Understanding of vulnerability lifecycles, standards and ratings Risk assessing findings to determine appropriate response with a proactive approach to recording, management and escalation of risks Increasing the quality of vulnerability reporting automation to reduce manual effort Advanced analytical and problem-solving techniques with practical experience of Scripting with Python & Power BI Providing advice on appropriate Vulnerability Management controls across technical disciplines, with experience of Windows or RHEL OS platforms and an understanding of patching processes and automation options IT and Information Security best practice Team working and the ability to be self-directed on task completion Demonstrating a professional can-do attitude and high levels of motivation Working under pressure, managing multiple priorities in a rapidly changing and dynamic environment Collaborating with internal and external parties to provide excellent outcomes and customer service We would like you to have Knowledge of vulnerability scanning technologies Experience in analysis of vulnerabilities identified against one of infrastructure, assets or code Working knowledge of the Qualys application and its core modules Self-driven qualities and ability to work independently as well as part of a team Strong interpersonal and influencing skills with the ability to influence and drive change in a collaborative way The ability to engage stakeholders to influence decisions to improve security across the company Industry-related security qualification (eg CISSP, CISM) or equivalent practical security experience Experience in improvement programmes to reduce risk, increase quality and reduce manual effort, and delivering control improvements across multiple technical disciplines Knowledge of ITIL framework, including risk and change management We seek individuals from a diverse talent pool and encourage applicants from underrepresented groups to apply to our vacancies. Our commitment to fair recruitment processes means that we welcome applicants from all backgrounds, regardless of their lived experience or personal characteristics. We also invite applicants who meet most of the listed requirements, even if not all, to apply. If you require any adjustments to the application process, please let us know. Barclay Simpson acts as an Employment Agency for permanent positions and an Employment Business for temporary/contract engagements.
As the Senior Information Security Analyst, you will report to the IT Security Manager to support executing security programme, continue improvement of cyber security risk and incident management process, and perform day to day information security activities. This role is a hybrid role with 1 - 2 days on-site weekly in average. Client Details My client is a large organisation operating within the public sector, with a significant presence in the North of England. Description Design, implement and maintain cyber security measures and protocols. Conduct regular system tests and lead response to security breaches. Perform risk assessment and lead the risk and vulnerabilities management process Oversee security incident management process Provide training and guidance to staff on cyber security best practices. Coordinate with internal and external stakeholders to enhance security measures. Ensure compliance with the latest laws and regulations regarding cyber security. Profile Solid experience in Information Security, preferably in GRC, vulnerabilities management and incident response management Familiar with ISO27001, NIST Excellent stakeholders management skills Certifications such as CISM, CISSP or similar are an advantage. Job Offer High flexibility environment Opportunity to join a growing team in a highly regulated organisation Generous pension contribution from employer
Mar 09, 2025
Full time
As the Senior Information Security Analyst, you will report to the IT Security Manager to support executing security programme, continue improvement of cyber security risk and incident management process, and perform day to day information security activities. This role is a hybrid role with 1 - 2 days on-site weekly in average. Client Details My client is a large organisation operating within the public sector, with a significant presence in the North of England. Description Design, implement and maintain cyber security measures and protocols. Conduct regular system tests and lead response to security breaches. Perform risk assessment and lead the risk and vulnerabilities management process Oversee security incident management process Provide training and guidance to staff on cyber security best practices. Coordinate with internal and external stakeholders to enhance security measures. Ensure compliance with the latest laws and regulations regarding cyber security. Profile Solid experience in Information Security, preferably in GRC, vulnerabilities management and incident response management Familiar with ISO27001, NIST Excellent stakeholders management skills Certifications such as CISM, CISSP or similar are an advantage. Job Offer High flexibility environment Opportunity to join a growing team in a highly regulated organisation Generous pension contribution from employer
Overview: A global consulting business is looking to add a new Cloud Security Specialist to their growing IT team. This company, which is focused on capital markets, requires the Senior Information Security Analyst to help drive their cybersecurity initiatives within the organisation, develop and deliver security awareness training to all staff as well as assist in the overall development and implementation of their security strategy. The Role: Play a key part in safeguarding the organisation's cloud environment and ensuring the confidentiality, integrity, and availability of their data. Ensure that security is seamlessly and effectively integrated with cloud technologies, security best practices Design, implement, and manage security controls for their cloud environment (e.g., AWS, Azure, GCP). Conduct regular security assessments and penetration testing of their cloud infrastructure to identify and mitigate vulnerabilities. Stay up-to-date on the latest cloud security threats and best practices. Monitor security information and event management (SIEM) systems for suspicious activity in the cloud environment Investigate and analyse security incidents, leading the response and remediation efforts. Communicate complex security issues to technical and non-technical audiences Develop and deliver security awareness training for cloud users within the organisation. Assist in the development and implementation of the overall security strategy, focusing on the cloud environment. The Requirements: Bachelor's degree or related qualification in Computer Science, Information Technology, or related field. 6+ years of experience in information security, with a focus on cloud security. Experience with major cloud platforms such as AWS, Azure, and Google Cloud Platform. Strong understanding of cloud security principles, including identity and access management, data encryption, network security, and compliance. Certifications such as (CCSP), (CISSP), AWS Certified Security - Speciality or equivalent Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Mar 08, 2025
Full time
Overview: A global consulting business is looking to add a new Cloud Security Specialist to their growing IT team. This company, which is focused on capital markets, requires the Senior Information Security Analyst to help drive their cybersecurity initiatives within the organisation, develop and deliver security awareness training to all staff as well as assist in the overall development and implementation of their security strategy. The Role: Play a key part in safeguarding the organisation's cloud environment and ensuring the confidentiality, integrity, and availability of their data. Ensure that security is seamlessly and effectively integrated with cloud technologies, security best practices Design, implement, and manage security controls for their cloud environment (e.g., AWS, Azure, GCP). Conduct regular security assessments and penetration testing of their cloud infrastructure to identify and mitigate vulnerabilities. Stay up-to-date on the latest cloud security threats and best practices. Monitor security information and event management (SIEM) systems for suspicious activity in the cloud environment Investigate and analyse security incidents, leading the response and remediation efforts. Communicate complex security issues to technical and non-technical audiences Develop and deliver security awareness training for cloud users within the organisation. Assist in the development and implementation of the overall security strategy, focusing on the cloud environment. The Requirements: Bachelor's degree or related qualification in Computer Science, Information Technology, or related field. 6+ years of experience in information security, with a focus on cloud security. Experience with major cloud platforms such as AWS, Azure, and Google Cloud Platform. Strong understanding of cloud security principles, including identity and access management, data encryption, network security, and compliance. Certifications such as (CCSP), (CISSP), AWS Certified Security - Speciality or equivalent Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Job Title: Junior SOC Analyst Location: Stevenage (On-site, Secure Site) Clearance: SC Cleared Contract Type: Inside IR35 Salary/Rate: Competitive (Based on Experience) Shift Pattern: 24/7 Shift Rotation About the Role: We are seeking a motivated Junior SOC Analyst to join our Security Operations Centre (SOC) based on-site in Stevenage . This is an exciting opportunity to work within a secure environment , supporting cyber security operations and responding to security threats in a dynamic and challenging setting. The role operates on a 24/7 shift pattern , ensuring continuous monitoring and incident response. Key Responsibilities: Monitor and analyze security alerts from various security tools and technologies. Investigate and escalate security incidents in line with established protocols. Conduct initial threat analysis and provide recommendations for remediation. Work closely with senior analysts to support the implementation of security measures. Maintain and update security documentation, incident reports, and compliance records. Support continuous improvement initiatives within the SOC environment. Key Skills & Experience: Understanding of security monitoring tools (SIEM, IDS/IPS, endpoint security solutions). Knowledge of cyber security principles and best practices. Experience in threat detection, analysis, and incident response (preferred but not essential). Ability to follow processes and work effectively within a secure environment. Strong communication and analytical skills. Relevant certifications such as CompTIA Security+ , CISSP , or GCIA are advantageous. Requirements: Must hold active SC Clearance Must be able to work on-site in Stevenage within a secure facility. Ability to work on a 24/7 shift rotation. Previous experience in a SOC or cyber security role is desirable but not essential. A strong willingness to learn and develop within the field of cyber security. Why Join Us? Work in a cutting-edge secure environment with access to the latest cyber security technologies. Career progression opportunities within a growing security team. Gain exposure to real-world cyber threats and contribute to national security initiatives. Competitive contract rates inside IR35. If you are a passionate Junior SOC Analyst looking to take the next step in your cyber security career, apply today!
Mar 08, 2025
Contractor
Job Title: Junior SOC Analyst Location: Stevenage (On-site, Secure Site) Clearance: SC Cleared Contract Type: Inside IR35 Salary/Rate: Competitive (Based on Experience) Shift Pattern: 24/7 Shift Rotation About the Role: We are seeking a motivated Junior SOC Analyst to join our Security Operations Centre (SOC) based on-site in Stevenage . This is an exciting opportunity to work within a secure environment , supporting cyber security operations and responding to security threats in a dynamic and challenging setting. The role operates on a 24/7 shift pattern , ensuring continuous monitoring and incident response. Key Responsibilities: Monitor and analyze security alerts from various security tools and technologies. Investigate and escalate security incidents in line with established protocols. Conduct initial threat analysis and provide recommendations for remediation. Work closely with senior analysts to support the implementation of security measures. Maintain and update security documentation, incident reports, and compliance records. Support continuous improvement initiatives within the SOC environment. Key Skills & Experience: Understanding of security monitoring tools (SIEM, IDS/IPS, endpoint security solutions). Knowledge of cyber security principles and best practices. Experience in threat detection, analysis, and incident response (preferred but not essential). Ability to follow processes and work effectively within a secure environment. Strong communication and analytical skills. Relevant certifications such as CompTIA Security+ , CISSP , or GCIA are advantageous. Requirements: Must hold active SC Clearance Must be able to work on-site in Stevenage within a secure facility. Ability to work on a 24/7 shift rotation. Previous experience in a SOC or cyber security role is desirable but not essential. A strong willingness to learn and develop within the field of cyber security. Why Join Us? Work in a cutting-edge secure environment with access to the latest cyber security technologies. Career progression opportunities within a growing security team. Gain exposure to real-world cyber threats and contribute to national security initiatives. Competitive contract rates inside IR35. If you are a passionate Junior SOC Analyst looking to take the next step in your cyber security career, apply today!
We're growing and want you to be a part of our journey. Information Security Manager This role will lead the Information Security team, manage the security controls to keep Isio's data, people and clients safe and ensure that work is delivered effectively. The role will report into the Head of IT Governance and will have overall responsibility for the Information Security. Our IT team operates a hybrid workstyle nationwide; there is a preference for this role to be based in Isio's Belfast or Birmingham office, however, there is flexibility to be based in any of Isio's UK offices for this position. Role and Responsibilities Collaborate with senior stakeholders Line manage the Information Security Analyst Manage the information security programme across Isio Maintain your knowledge of current and emerging cyber threats as well as risk mitigations Manage and maintain: Information Security risk register Information Security policies Information Security training Information Security related communications Own the relationship with key Information Security 3 rd parties (e.g. SOC, ISO related, email security) Conduct regular service reviews with our key Information Security providers Develop and manage Information Security protocols that maintain Isio's (and our clients') environments Own and improve Isio's cyber incident response capability, including reviewing and enhancing our Cyber Security Incident Response Plan (CSIRP) Design and execute cyber-attack simulation exercises Own the Information Security incidents raised in the Service Desk by Isio users/suppliers Actively monitor for security alerts announced by professional Information Security bodies Lead cyber incident response activities, including coordinating incident investigation, containment and remediation actions Conduct due diligence (including risk assessing) on proposed new solutions for Isio. Be responsible for and use Isio's enterprise tools to identify, assess and resolve security vulnerabilities Manage all penetration testing and arrange these for new and present solutions as required Manage and develop the Information Security team ensuring that it has the expertise and resources needed to address both current and emerging threats. Provide guidance and coaching to direct report, including professional development Key Skills & Experience Excellent knowledge of Information Security systems and solutions Significant experience of cyber security frameworks, methodologies, and best practices, such as ISO 27001, Cyber Essentials, NIST, CIS and OWASP Top10 The ability to articulate complex security concepts to both technical and non-technical audiences Experience of leading security-based projects Good understanding of attack vectors, and defensive and detection cyber technologies Ability to balance security priorities with the business' objectives, values and risk appetite Proven people management and leadership Great people management skills Proven track record of delivering solutions Excellent communicator Well organised and structured Qualifications (Desirable) CISM (Certified Information Security Manager) CISSP (Certified Information System Security Professional) GDPR / Data Privacy qualification Microsoft / CompTIA / Cisco / AWS or other technical cyber security qualification Demonstrated Commitment to our Core Purpose Power in Partnership : We work in partnership with our clients & each other - building open and trusted relationships. Working together allows us to deliver the best for our clients. Future Focus : We want to push our industry forward by solving problems in better ways that benefit both our clients & society. Strength in Difference : We work with diverse perspectives to find better solutions. Working with differences makes us stronger. People First : We recognise that pensions is a people business. People are the source of Isio's expertise and it is people's lives that we affect through our advice. What we offer you Isio is a people business, and we're committed to helping our great colleagues gain a wide variety of experience, significant development opportunities and progression through the business . The variety of work that'll be available to you will enable you to do this. On top, we also offer: A competitive remuneration package , including a bonus scheme. A defined contribution pension scheme . Life insurance . Healthcare benefits . Income protection benefits . 25 days annual leave (plus bank holidays) as standard with the option to purchase additional days of holiday. As well as two additional 'Company' days - a celebration day for your birthday and an extra day over Christmas. Corporate Social Responsibility (CSR) allowance Flexible working opportunities. A flexible benefits package. Internal development programmes including (technical and non-technical) training support and mentor programmes. Where required study support including study days, materials and exam entry support. What's next? Click on the 'apply' and follow the simple application process online. If you think you may require a reasonable adjustment to be made for any reason at any stage of your recruitment process, please email About Isio Isio was 'born' in 2020 from the sale of KPMG UK's Pension Practice to a private equity firm. An industry-leading challenger, we provide diverse expertise spanning Pensions, Investment, Benefits and Wealth to give clients an integrated experience. Isio is built by challengers, innovators and forward-thinkers, grounded around a vision which strives to deliver greater financial confidence for everyone. We empower and develop those who join us - valuing curious minds and giving people the freedom to outperform. Known and respected for our agility, we harness specialist experience, bold thinking and the desire to push the boundaries of what we can achieve for our clients, from small to blue chip, public to private. Isio is growing and we are looking for people who share our purpose and behaviours to join us on this journey, as we continue driving exceptional results for both our clients and people. At Isio, we are committed to fostering an inclusive, equitable and diverse workplace, in which our colleagues feel they belong, regardless of background or difference. We uphold the values of respect, fairness, and inclusion in our actions and decisions. We believe that by adhering to these principles, we will create a stronger, more innovative, and supportive environment for all, as well as ensuring that the advice and support we provide to our clients is more creative, more insightful and leaves a lasting impact. We have offices across the UK and many of our roles offer a hybrid, flexible approach to work to help create a work-life balance that works for you. Isio Group is an equal opportunities employer and we welcome applications from all suitably qualified candidates.
Feb 21, 2025
Full time
We're growing and want you to be a part of our journey. Information Security Manager This role will lead the Information Security team, manage the security controls to keep Isio's data, people and clients safe and ensure that work is delivered effectively. The role will report into the Head of IT Governance and will have overall responsibility for the Information Security. Our IT team operates a hybrid workstyle nationwide; there is a preference for this role to be based in Isio's Belfast or Birmingham office, however, there is flexibility to be based in any of Isio's UK offices for this position. Role and Responsibilities Collaborate with senior stakeholders Line manage the Information Security Analyst Manage the information security programme across Isio Maintain your knowledge of current and emerging cyber threats as well as risk mitigations Manage and maintain: Information Security risk register Information Security policies Information Security training Information Security related communications Own the relationship with key Information Security 3 rd parties (e.g. SOC, ISO related, email security) Conduct regular service reviews with our key Information Security providers Develop and manage Information Security protocols that maintain Isio's (and our clients') environments Own and improve Isio's cyber incident response capability, including reviewing and enhancing our Cyber Security Incident Response Plan (CSIRP) Design and execute cyber-attack simulation exercises Own the Information Security incidents raised in the Service Desk by Isio users/suppliers Actively monitor for security alerts announced by professional Information Security bodies Lead cyber incident response activities, including coordinating incident investigation, containment and remediation actions Conduct due diligence (including risk assessing) on proposed new solutions for Isio. Be responsible for and use Isio's enterprise tools to identify, assess and resolve security vulnerabilities Manage all penetration testing and arrange these for new and present solutions as required Manage and develop the Information Security team ensuring that it has the expertise and resources needed to address both current and emerging threats. Provide guidance and coaching to direct report, including professional development Key Skills & Experience Excellent knowledge of Information Security systems and solutions Significant experience of cyber security frameworks, methodologies, and best practices, such as ISO 27001, Cyber Essentials, NIST, CIS and OWASP Top10 The ability to articulate complex security concepts to both technical and non-technical audiences Experience of leading security-based projects Good understanding of attack vectors, and defensive and detection cyber technologies Ability to balance security priorities with the business' objectives, values and risk appetite Proven people management and leadership Great people management skills Proven track record of delivering solutions Excellent communicator Well organised and structured Qualifications (Desirable) CISM (Certified Information Security Manager) CISSP (Certified Information System Security Professional) GDPR / Data Privacy qualification Microsoft / CompTIA / Cisco / AWS or other technical cyber security qualification Demonstrated Commitment to our Core Purpose Power in Partnership : We work in partnership with our clients & each other - building open and trusted relationships. Working together allows us to deliver the best for our clients. Future Focus : We want to push our industry forward by solving problems in better ways that benefit both our clients & society. Strength in Difference : We work with diverse perspectives to find better solutions. Working with differences makes us stronger. People First : We recognise that pensions is a people business. People are the source of Isio's expertise and it is people's lives that we affect through our advice. What we offer you Isio is a people business, and we're committed to helping our great colleagues gain a wide variety of experience, significant development opportunities and progression through the business . The variety of work that'll be available to you will enable you to do this. On top, we also offer: A competitive remuneration package , including a bonus scheme. A defined contribution pension scheme . Life insurance . Healthcare benefits . Income protection benefits . 25 days annual leave (plus bank holidays) as standard with the option to purchase additional days of holiday. As well as two additional 'Company' days - a celebration day for your birthday and an extra day over Christmas. Corporate Social Responsibility (CSR) allowance Flexible working opportunities. A flexible benefits package. Internal development programmes including (technical and non-technical) training support and mentor programmes. Where required study support including study days, materials and exam entry support. What's next? Click on the 'apply' and follow the simple application process online. If you think you may require a reasonable adjustment to be made for any reason at any stage of your recruitment process, please email About Isio Isio was 'born' in 2020 from the sale of KPMG UK's Pension Practice to a private equity firm. An industry-leading challenger, we provide diverse expertise spanning Pensions, Investment, Benefits and Wealth to give clients an integrated experience. Isio is built by challengers, innovators and forward-thinkers, grounded around a vision which strives to deliver greater financial confidence for everyone. We empower and develop those who join us - valuing curious minds and giving people the freedom to outperform. Known and respected for our agility, we harness specialist experience, bold thinking and the desire to push the boundaries of what we can achieve for our clients, from small to blue chip, public to private. Isio is growing and we are looking for people who share our purpose and behaviours to join us on this journey, as we continue driving exceptional results for both our clients and people. At Isio, we are committed to fostering an inclusive, equitable and diverse workplace, in which our colleagues feel they belong, regardless of background or difference. We uphold the values of respect, fairness, and inclusion in our actions and decisions. We believe that by adhering to these principles, we will create a stronger, more innovative, and supportive environment for all, as well as ensuring that the advice and support we provide to our clients is more creative, more insightful and leaves a lasting impact. We have offices across the UK and many of our roles offer a hybrid, flexible approach to work to help create a work-life balance that works for you. Isio Group is an equal opportunities employer and we welcome applications from all suitably qualified candidates.
We seek a Senior Cyber Security Analyst to be responsible for maintaining SecOps (Security Operations) solutions, controls and processes across the organisation. This role requires a deep understanding of SecOps concepts, technologies, and best practices, as well as the ability to collaborate effectively with cross-functional teams. What you will be doing as a Senior Cyber Security Analyst Investigate security alerts from our SIEM tool and provide appropriate incident response actions. Liaise with technology and business stakeholders about cyber security issues/incidents providing clear descriptions and actions. Support the Cyber Security Operations Lead for security and privacy incidents, triaging events and performing root cause analysis to understand how incidents arise. There is a need to be on call. Monitor, analyse and optimise SecOps tool performance (e.g. SIEM), identify potential issues, and recommend and implement proactive solutions. Collaborate with stakeholders to understand business requirements and implement security controls that are proportionate to the risk. Stay current on industry trends, emerging technologies, and best practices to continuously improve security operations. Contextualizing threats specific to the OT estate, and ensuring effective controls and mitigations are in place. Essential Experience Extensive experience in a technical Cyber Security or IT role, preferably in an enterprise environment. Exposure to working in or with a security operations centre (SOC) or similar environment. Triaging problems or issues in a structured and disciplined manner. Experience in remediating cyber risks in ever-changing digital environments. Strong knowledge of Multi-factor authentication (MFA), Privileged Access Management (PAM) and Security Information & Event Management. (SIEM) Good understanding of IT, networking, and end-user computing. Experience writing Kusto Query Language (KQL) for Sentinel queries and alerts. Desirable Experience Familiarity with managing network security capabilities such as NAC (Network Access Control), Firewalls, Proxies/VPN, IDS/IPS, etc. Degree in Cyber Security, Computer Science, Information Technology, Engineering, or related field. Microsoft SecOps specific certification(s) e.g. Microsoft Security Operations Analyst (SC-200) Hands-on experience utilising and configuring Microsoft Security Operations tools such as Sentinel and Defender. Any generic cyber security industry certification(s) such as CISSP, CISM, or CCSP. GCS is acting as an Employment Agency in relation to this vacancy.
Feb 21, 2025
Full time
We seek a Senior Cyber Security Analyst to be responsible for maintaining SecOps (Security Operations) solutions, controls and processes across the organisation. This role requires a deep understanding of SecOps concepts, technologies, and best practices, as well as the ability to collaborate effectively with cross-functional teams. What you will be doing as a Senior Cyber Security Analyst Investigate security alerts from our SIEM tool and provide appropriate incident response actions. Liaise with technology and business stakeholders about cyber security issues/incidents providing clear descriptions and actions. Support the Cyber Security Operations Lead for security and privacy incidents, triaging events and performing root cause analysis to understand how incidents arise. There is a need to be on call. Monitor, analyse and optimise SecOps tool performance (e.g. SIEM), identify potential issues, and recommend and implement proactive solutions. Collaborate with stakeholders to understand business requirements and implement security controls that are proportionate to the risk. Stay current on industry trends, emerging technologies, and best practices to continuously improve security operations. Contextualizing threats specific to the OT estate, and ensuring effective controls and mitigations are in place. Essential Experience Extensive experience in a technical Cyber Security or IT role, preferably in an enterprise environment. Exposure to working in or with a security operations centre (SOC) or similar environment. Triaging problems or issues in a structured and disciplined manner. Experience in remediating cyber risks in ever-changing digital environments. Strong knowledge of Multi-factor authentication (MFA), Privileged Access Management (PAM) and Security Information & Event Management. (SIEM) Good understanding of IT, networking, and end-user computing. Experience writing Kusto Query Language (KQL) for Sentinel queries and alerts. Desirable Experience Familiarity with managing network security capabilities such as NAC (Network Access Control), Firewalls, Proxies/VPN, IDS/IPS, etc. Degree in Cyber Security, Computer Science, Information Technology, Engineering, or related field. Microsoft SecOps specific certification(s) e.g. Microsoft Security Operations Analyst (SC-200) Hands-on experience utilising and configuring Microsoft Security Operations tools such as Sentinel and Defender. Any generic cyber security industry certification(s) such as CISSP, CISM, or CCSP. GCS is acting as an Employment Agency in relation to this vacancy.
WiseTech Global is a leading force in empowering and revolutionizing the world's supply chains. Our innovative technologies play a pivotal role in safeguarding the data and ensuring the security of thousands of users globally, including the world's largest freight forwarders. We are dedicated to delivering efficiency, transparency, and confidence through our Governance, Risk, and Compliance (GRC) framework. The Opportunity: We are seeking an experienced Senior Governance, Risk, and Compliance (GRC) Analyst with expertise in managing acquisitions, integrating them seamlessly into our company's way of working as well as responding to our customer's security questionnaires. The ideal candidate should have 5+ years of direct work experience and a proven track record of successfully navigating the challenges associated with assimilating newly acquired entities into existing business operations. The role requires a keen understanding of regulatory compliance, risk management, and a strategic mindset to ensure smooth and efficient integration processes. The GRC Analyst will play a critical role in enhancing our overall GRC posture and maintaining regulatory compliance for WiseTech Global. Key Responsibilities: Acquisition Assessment: Collaborate with cross-functional teams to assess the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities. Integration Planning: Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company's overarching GRC strategy. Risk Management: Evaluate and mitigate risks associated with integration processes, working closely with risk management teams. Policy and Procedure Harmonization: Bridge gaps between existing practices and those of acquired entities, harmonizing policies, procedures, and controls. Communication and Stakeholder Management: Effectively communicate integration plans and progress, fostering strong relationships with key stakeholders. Reporting and Documentation: Maintain accurate documentation of integration activities and generate insightful reports for senior management. Continuous Improvement: Identify areas for improvement and drive enhancements to the integration process. Customer Security Questionnaire Support: Collaborate with various teams to ensure accurate and comprehensive responses to customer security questionnaires. Qualifications and Desired Experience: 5+ years of hands-on experience in GRC, preferably with a focus on acquisition integration. Strong knowledge of regulatory compliance requirements, risk management frameworks, including ISO 27001, NIST. Experience with SOC1/2, GDPR, and privacy frameworks. Proficiency in information security tools, techniques, and controls. Experience with metrics and KPIs to measure and track information security risk. Ability to develop policies, standards, and guidelines. ISO27001:2022 Lead Implementer and lead auditor certifications are a must. CISA, CISM, CISSP, or CRISC certifications are desirable. Candidate Characteristics: Exceptional communication and interpersonal skills. Analytical mindset with the ability to identify, assess, and mitigate risks. Good project management skills with ISMS and control implementation experience. Knowledge of GRC software tools and technology. Attention to detail and commitment to high-quality deliverables that meet business and compliance objectives. Why Join WiseTech Global: At WiseTech Global, we don't just offer a job; we provide an opportunity to excel. We believe in hiring the best talent who can drive themselves and our business to greater heights. Join us in our mission to transform global trade, one innovation at a time. Join WiseTech Global and be a part of a dynamic and innovative team dedicated to transforming global trade. Before you Apply From time to time, WiseTech Global may use an external service provider to assess applications on our behalf. Accordingly, by applying for this role and providing your personal information to WiseTech Global, you consent to WiseTech Global providing this information to our external service providers who are required to treat such information with strict confidentiality in line with privacy and data protection laws and regulations. We are a global team of passionate people enabling and empowering the supply chains of the world.
Feb 17, 2025
Full time
WiseTech Global is a leading force in empowering and revolutionizing the world's supply chains. Our innovative technologies play a pivotal role in safeguarding the data and ensuring the security of thousands of users globally, including the world's largest freight forwarders. We are dedicated to delivering efficiency, transparency, and confidence through our Governance, Risk, and Compliance (GRC) framework. The Opportunity: We are seeking an experienced Senior Governance, Risk, and Compliance (GRC) Analyst with expertise in managing acquisitions, integrating them seamlessly into our company's way of working as well as responding to our customer's security questionnaires. The ideal candidate should have 5+ years of direct work experience and a proven track record of successfully navigating the challenges associated with assimilating newly acquired entities into existing business operations. The role requires a keen understanding of regulatory compliance, risk management, and a strategic mindset to ensure smooth and efficient integration processes. The GRC Analyst will play a critical role in enhancing our overall GRC posture and maintaining regulatory compliance for WiseTech Global. Key Responsibilities: Acquisition Assessment: Collaborate with cross-functional teams to assess the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities. Integration Planning: Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company's overarching GRC strategy. Risk Management: Evaluate and mitigate risks associated with integration processes, working closely with risk management teams. Policy and Procedure Harmonization: Bridge gaps between existing practices and those of acquired entities, harmonizing policies, procedures, and controls. Communication and Stakeholder Management: Effectively communicate integration plans and progress, fostering strong relationships with key stakeholders. Reporting and Documentation: Maintain accurate documentation of integration activities and generate insightful reports for senior management. Continuous Improvement: Identify areas for improvement and drive enhancements to the integration process. Customer Security Questionnaire Support: Collaborate with various teams to ensure accurate and comprehensive responses to customer security questionnaires. Qualifications and Desired Experience: 5+ years of hands-on experience in GRC, preferably with a focus on acquisition integration. Strong knowledge of regulatory compliance requirements, risk management frameworks, including ISO 27001, NIST. Experience with SOC1/2, GDPR, and privacy frameworks. Proficiency in information security tools, techniques, and controls. Experience with metrics and KPIs to measure and track information security risk. Ability to develop policies, standards, and guidelines. ISO27001:2022 Lead Implementer and lead auditor certifications are a must. CISA, CISM, CISSP, or CRISC certifications are desirable. Candidate Characteristics: Exceptional communication and interpersonal skills. Analytical mindset with the ability to identify, assess, and mitigate risks. Good project management skills with ISMS and control implementation experience. Knowledge of GRC software tools and technology. Attention to detail and commitment to high-quality deliverables that meet business and compliance objectives. Why Join WiseTech Global: At WiseTech Global, we don't just offer a job; we provide an opportunity to excel. We believe in hiring the best talent who can drive themselves and our business to greater heights. Join us in our mission to transform global trade, one innovation at a time. Join WiseTech Global and be a part of a dynamic and innovative team dedicated to transforming global trade. Before you Apply From time to time, WiseTech Global may use an external service provider to assess applications on our behalf. Accordingly, by applying for this role and providing your personal information to WiseTech Global, you consent to WiseTech Global providing this information to our external service providers who are required to treat such information with strict confidentiality in line with privacy and data protection laws and regulations. We are a global team of passionate people enabling and empowering the supply chains of the world.
At Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities, collaborating closely with clients to deliver cutting-edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow. Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose. YOUR ROLE As a Service Designer, you will be joining the growing and exciting Digital Factory community who are continually sharing knowledge and expertise. We are all passionate about user-centred design, critical thinking, problem solving and designing and building digital services and products. You will champion inclusive design practices throughout our project lifecycles, ensuring solutions are accessible to as many users as possible. This includes engaging with diverse user research, applying accessibility guidelines and legislation, and advocating for inclusive design principles in your deliverables. Working at Capgemini Invent would give you opportunities to develop and grow, working with major clients in both public and private sector. Our offices are in a variety of locations including London, Manchester and Glasgow. We offer hybrid working, however depending on your project you may have to travel to client locations. As a Service Designer you will: Maximise the value we deliver for our clients right from the inception to real life application of Service Design. Support our clients through the end-to-end service design process to design and develop innovative products and services. This process will be all the way from ideation and inception through to solution build and testing. Champion user-centricity - with a set of tools and methods you can draw upon to embed design thinking / user-centricity Work on new ideas and work alongside solution team to design and develop innovative products and services Use current and emerging trends to identify and lead improvements to existing services as well as introduce innovative and industry first service experiences influencing service managers, user researchers, UI/UX designers and programme directors to understand the value as a result of user focused transformation As part of your role you will also have the opportunity to contribute to the business and your own personal growth, through activities that form part of the following categories: Business Development - Leading/contributing to proposals, RFPs, bids, proposition development, client pitch contribution, client hosting at events. Internal contribution - Campaign development, internal think-tanks, whitepapers, practice development (operations, recruitment, team events & activities), offering development. Learning & development - Training to support your career development and the skills demand within the company, certifications etc. YOUR PROFILE You will bring below skills and experience: Proven experience working across a service design process, autonomously with minimal support Experience working with Government Digital Service(GDS) service standards, applying GDS design principles Ability tocreate service design artefacts and outputs, such as current and future-state user journeys, personas, service concepts, service blueprints and other artefacts Ability to identify potentialaccessibilitybarriers for complex user groups Client readiness', with experience facilitating workshops, design sprints, ideation sessions or similar Ability to visualise complex services in an easy-to-understand format for varying audiences Ability to adopt a curious and inquisitive mindset - with apassion for asking 'why' Ability to critically break down complex problems in a fast-paced environment, with a knack for storytelling Strong understanding and experience ofworking in an agile (scrum) environmentin a cross-functional team including but not limited to user researchers, UX/UI designers, business analysts, product owners, delivery managers and developers Ability to manage competing priorities in a tight timeframe with a proactive mindset Strong stakeholder management skills, with the ability to balance competing views as part of the design process Aptitude for being anadvocate for user-centricity, with the ability to develop and translate user stories and propose design approaches or services to meet these needs and engage in meaningful interactions and relationships with users SC (Security Check) Clearanceor being eligible for this level of clearance (by being a UK resident for at least 3 years and not having left the country for more than 6 consecutive months during this period) WHAT YOU'LL LOVE ABOUT WORKING HERE: We are delighted to have received the"Glassdoor Best Places to work UK' accolade for 5 consecutive years.To see what it's like to work at Capgemini Invent, visit ourGlassdoor page.Capgemini Invent offers Consultants a culture of learning, ownership, and focus on value. You'll gain exposure to high-profile transformations and gain hands-on exposure to leading technologies. Our consultants are formally trained by industry experts in consulting and client delivery. Consultants have access to a vast array for different training and certifications in a variety of areas: cloud technologies (AWS, Azure, GCP), programming (Java, Kotlin, NodeJS, Spring Boot), DevOps (Terraform, Kubernetes, Docker), Cybersecurity (CISSP, CISM) and Agile delivery (Scrum Master, Product Owner, Scaled Agile Framework). Capgemini Invent offers you the flexibility to develop various areas of knowledge in technical domains aligned both to your interests and our client's outcomes. Les Fontaines: Capgemini Invent has a unique training environment just outside of Paris, where we can immerse ourselves in thought-leadership, share knowledge and build capabilities that will help us and our clients to succeed. We hold monthly showcases of our digital transformation initiatives, sharing knowledge and showing off how the power of technology is impacting our clients. There are monthly team drinks, and it's a chance to connect face-to-face with the wider team over a few drinks in the city. The monthly team breakfasts give you a different, more relaxed setting to meet up in the office to hear from the leadership, meet colleagues and discuss the trends and insights within the market. Team away days are always a chance to connect with the team, have fun and learn something new. NEED TO KNOW At Capgemini we don't just believe in Diversity & Inclusion, we actively go out to making it a working reality. Driven by our core values and Active Inclusion Campaign, we build environments where you can bring you whole self to work. We aim to build an environment where employees can enjoy a positive work-life balance. We embed hybrid working in all that we do and make flexible working arrangements the day-to-day reality for our people. All UK employees are eligible to request flexible working arrangements. Employee wellbeing is vitally important to us as an organisation. We see a healthy and happy workforce a critical component for us to achieve our organisational ambitions. To help support wellbeing we have trained 'Mental Health Champions' across each of our business areas. We have also invested in wellbeing apps such as Thrive and Peppy. CSR We're also focused on using tech to have a positive social impact. So, we're working to reduce our own carbon footprint and improve everyone's access to a digital world. It's something we're really serious about. In fact, we were even named asone of the world's most ethical companies by the Ethisphere Institute for the 10th year.When you join Capgemini, you'll join a team that does the right thing. Whilst you will haveLondon,ManchesterorGlasgowas an office base location, you must be fully flexible in terms of assignment location, as these roles may involve periods of time away from home at short notice. We offer a remuneration package which includes flexible benefits options for you to choose to suit your own personal circumstances and a variable element dependent grade and on company and personal performance. In order to commence a role with Capgemini UK plc you will be required to provide documentary proof prior to joining the Company that you are entitled to live and work in the UK. More information is at available at: Capgemini Invent ABOUT CAPGEMINI Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2023 global revenues of €22.5 billion. Ref. code: 161949 Posted on: 4 Feb 2025 Experience Level: Experienced Professionals Contract Type: Permanent Location: Glasgow, GB London . click apply for full job details
Feb 17, 2025
Full time
At Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities, collaborating closely with clients to deliver cutting-edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow. Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose. YOUR ROLE As a Service Designer, you will be joining the growing and exciting Digital Factory community who are continually sharing knowledge and expertise. We are all passionate about user-centred design, critical thinking, problem solving and designing and building digital services and products. You will champion inclusive design practices throughout our project lifecycles, ensuring solutions are accessible to as many users as possible. This includes engaging with diverse user research, applying accessibility guidelines and legislation, and advocating for inclusive design principles in your deliverables. Working at Capgemini Invent would give you opportunities to develop and grow, working with major clients in both public and private sector. Our offices are in a variety of locations including London, Manchester and Glasgow. We offer hybrid working, however depending on your project you may have to travel to client locations. As a Service Designer you will: Maximise the value we deliver for our clients right from the inception to real life application of Service Design. Support our clients through the end-to-end service design process to design and develop innovative products and services. This process will be all the way from ideation and inception through to solution build and testing. Champion user-centricity - with a set of tools and methods you can draw upon to embed design thinking / user-centricity Work on new ideas and work alongside solution team to design and develop innovative products and services Use current and emerging trends to identify and lead improvements to existing services as well as introduce innovative and industry first service experiences influencing service managers, user researchers, UI/UX designers and programme directors to understand the value as a result of user focused transformation As part of your role you will also have the opportunity to contribute to the business and your own personal growth, through activities that form part of the following categories: Business Development - Leading/contributing to proposals, RFPs, bids, proposition development, client pitch contribution, client hosting at events. Internal contribution - Campaign development, internal think-tanks, whitepapers, practice development (operations, recruitment, team events & activities), offering development. Learning & development - Training to support your career development and the skills demand within the company, certifications etc. YOUR PROFILE You will bring below skills and experience: Proven experience working across a service design process, autonomously with minimal support Experience working with Government Digital Service(GDS) service standards, applying GDS design principles Ability tocreate service design artefacts and outputs, such as current and future-state user journeys, personas, service concepts, service blueprints and other artefacts Ability to identify potentialaccessibilitybarriers for complex user groups Client readiness', with experience facilitating workshops, design sprints, ideation sessions or similar Ability to visualise complex services in an easy-to-understand format for varying audiences Ability to adopt a curious and inquisitive mindset - with apassion for asking 'why' Ability to critically break down complex problems in a fast-paced environment, with a knack for storytelling Strong understanding and experience ofworking in an agile (scrum) environmentin a cross-functional team including but not limited to user researchers, UX/UI designers, business analysts, product owners, delivery managers and developers Ability to manage competing priorities in a tight timeframe with a proactive mindset Strong stakeholder management skills, with the ability to balance competing views as part of the design process Aptitude for being anadvocate for user-centricity, with the ability to develop and translate user stories and propose design approaches or services to meet these needs and engage in meaningful interactions and relationships with users SC (Security Check) Clearanceor being eligible for this level of clearance (by being a UK resident for at least 3 years and not having left the country for more than 6 consecutive months during this period) WHAT YOU'LL LOVE ABOUT WORKING HERE: We are delighted to have received the"Glassdoor Best Places to work UK' accolade for 5 consecutive years.To see what it's like to work at Capgemini Invent, visit ourGlassdoor page.Capgemini Invent offers Consultants a culture of learning, ownership, and focus on value. You'll gain exposure to high-profile transformations and gain hands-on exposure to leading technologies. Our consultants are formally trained by industry experts in consulting and client delivery. Consultants have access to a vast array for different training and certifications in a variety of areas: cloud technologies (AWS, Azure, GCP), programming (Java, Kotlin, NodeJS, Spring Boot), DevOps (Terraform, Kubernetes, Docker), Cybersecurity (CISSP, CISM) and Agile delivery (Scrum Master, Product Owner, Scaled Agile Framework). Capgemini Invent offers you the flexibility to develop various areas of knowledge in technical domains aligned both to your interests and our client's outcomes. Les Fontaines: Capgemini Invent has a unique training environment just outside of Paris, where we can immerse ourselves in thought-leadership, share knowledge and build capabilities that will help us and our clients to succeed. We hold monthly showcases of our digital transformation initiatives, sharing knowledge and showing off how the power of technology is impacting our clients. There are monthly team drinks, and it's a chance to connect face-to-face with the wider team over a few drinks in the city. The monthly team breakfasts give you a different, more relaxed setting to meet up in the office to hear from the leadership, meet colleagues and discuss the trends and insights within the market. Team away days are always a chance to connect with the team, have fun and learn something new. NEED TO KNOW At Capgemini we don't just believe in Diversity & Inclusion, we actively go out to making it a working reality. Driven by our core values and Active Inclusion Campaign, we build environments where you can bring you whole self to work. We aim to build an environment where employees can enjoy a positive work-life balance. We embed hybrid working in all that we do and make flexible working arrangements the day-to-day reality for our people. All UK employees are eligible to request flexible working arrangements. Employee wellbeing is vitally important to us as an organisation. We see a healthy and happy workforce a critical component for us to achieve our organisational ambitions. To help support wellbeing we have trained 'Mental Health Champions' across each of our business areas. We have also invested in wellbeing apps such as Thrive and Peppy. CSR We're also focused on using tech to have a positive social impact. So, we're working to reduce our own carbon footprint and improve everyone's access to a digital world. It's something we're really serious about. In fact, we were even named asone of the world's most ethical companies by the Ethisphere Institute for the 10th year.When you join Capgemini, you'll join a team that does the right thing. Whilst you will haveLondon,ManchesterorGlasgowas an office base location, you must be fully flexible in terms of assignment location, as these roles may involve periods of time away from home at short notice. We offer a remuneration package which includes flexible benefits options for you to choose to suit your own personal circumstances and a variable element dependent grade and on company and personal performance. In order to commence a role with Capgemini UK plc you will be required to provide documentary proof prior to joining the Company that you are entitled to live and work in the UK. More information is at available at: Capgemini Invent ABOUT CAPGEMINI Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2023 global revenues of €22.5 billion. Ref. code: 161949 Posted on: 4 Feb 2025 Experience Level: Experienced Professionals Contract Type: Permanent Location: Glasgow, GB London . click apply for full job details
Senior Security Monitoring and Response Analyst Senior Security Monitoring and Response Analyst Apply locations London, England (Angel Lane) time type Full time posted on Posted Yesterday time left to apply End Date: February 25, 2025 (30+ days left to apply) job requisition id R-237194 Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart, and accessible. Title and Summary Mastercard Vocalink is looking for a driven and motivated Senior Security Operations Analyst with Incident Response capabilities, to contribute to securing critical payments infrastructure in the UK. In this role you'll be responsible for triaging alerts and responding to security incidents. When not actively engaged in ongoing incidents, the team works on the improvement and streamlining of the detection and response function. Role Responsibilities Providing monitoring coverage, triage and investigation of escalated alerts (T3) from various sources. Responding to cybersecurity incidents through critical thinking, defining, and applying playbook responses. Applying root cause analysis and lessons learned to improve security posture and processes. Working closely with security engineering, threat intelligence, insider threat and a managed SOC service, providing critical feedback to improve and automate monitoring and response. Strong collaboration with the team to develop knowledge base, playbook and use cases. Proactive initiatives and project-related support by providing subject matter expertise. Ability to work independently as well as collaborate with different teams to assess impact, mitigate risk, and resolve security incidents. Qualifications Required Experience: Direct experience in a Security Operations Center (SOC). Experience working in an incident response or digital forensics role. Demonstrated experience with cybersecurity related disciplines, not limited to: vulnerability research, network traffic analysis, static and dynamic malware analysis, digital forensics, memory analysis, web-security and threat hunting. Preferred Experience: Experience in creating queries and alerts in a SIEM, preferably in SPL. Experience with Windows/Unix OS forensics. Experience with Cloud Security (Azure, AWS, GCP). Experience working with NDR/EDR solutions. Familiarity with Indicators of Compromise (IoCs), Indicators of Attack (IoAs), ATT&CK Tools, Techniques and Procedures (TTPs). Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner. CISSP, GIAC certifications or equivalent. The Ideal candidate is a technically inclined and experienced security specialist who enjoys working in a fast-paced collaborative team environment. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks come with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach; Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. About Us Everyone wants easier ways to pay; we invent them. Checkout lines are slow; we speed them along. Merchants want more sales; we give them data and insights. People need financial access; we connect them. Corporate purchasing is complicated; we make it simple. Commuters are busy; we speed them on their way. Small businesses are virtual; we give them access to a world of buyers.
Feb 13, 2025
Full time
Senior Security Monitoring and Response Analyst Senior Security Monitoring and Response Analyst Apply locations London, England (Angel Lane) time type Full time posted on Posted Yesterday time left to apply End Date: February 25, 2025 (30+ days left to apply) job requisition id R-237194 Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart, and accessible. Title and Summary Mastercard Vocalink is looking for a driven and motivated Senior Security Operations Analyst with Incident Response capabilities, to contribute to securing critical payments infrastructure in the UK. In this role you'll be responsible for triaging alerts and responding to security incidents. When not actively engaged in ongoing incidents, the team works on the improvement and streamlining of the detection and response function. Role Responsibilities Providing monitoring coverage, triage and investigation of escalated alerts (T3) from various sources. Responding to cybersecurity incidents through critical thinking, defining, and applying playbook responses. Applying root cause analysis and lessons learned to improve security posture and processes. Working closely with security engineering, threat intelligence, insider threat and a managed SOC service, providing critical feedback to improve and automate monitoring and response. Strong collaboration with the team to develop knowledge base, playbook and use cases. Proactive initiatives and project-related support by providing subject matter expertise. Ability to work independently as well as collaborate with different teams to assess impact, mitigate risk, and resolve security incidents. Qualifications Required Experience: Direct experience in a Security Operations Center (SOC). Experience working in an incident response or digital forensics role. Demonstrated experience with cybersecurity related disciplines, not limited to: vulnerability research, network traffic analysis, static and dynamic malware analysis, digital forensics, memory analysis, web-security and threat hunting. Preferred Experience: Experience in creating queries and alerts in a SIEM, preferably in SPL. Experience with Windows/Unix OS forensics. Experience with Cloud Security (Azure, AWS, GCP). Experience working with NDR/EDR solutions. Familiarity with Indicators of Compromise (IoCs), Indicators of Attack (IoAs), ATT&CK Tools, Techniques and Procedures (TTPs). Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner. CISSP, GIAC certifications or equivalent. The Ideal candidate is a technically inclined and experienced security specialist who enjoys working in a fast-paced collaborative team environment. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks come with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach; Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. About Us Everyone wants easier ways to pay; we invent them. Checkout lines are slow; we speed them along. Merchants want more sales; we give them data and insights. People need financial access; we connect them. Corporate purchasing is complicated; we make it simple. Commuters are busy; we speed them on their way. Small businesses are virtual; we give them access to a world of buyers.
Cyber GRC Consultant Tech Transformation Practice London Consultant - Senior Consultant level You want to boost your career and collaborate with expert, talented colleagues to solve and deliver against our clients' most important challenges? We are growing and are looking for people to join our team. You'll be part of an entrepreneurial, high-growth environment of 300,000 employees. Our dynamic organization allows you to work across functional business pillars, contributing your ideas, experiences, diverse thinking, and a strong mindset. Are you ready? About the role We are looking for a highly skilled Cyber GRC (Governance, Risk, and Compliance) Consultant to help organizations strengthen their cybersecurity posture, manage cyber risks, and ensure regulatory compliance. The ideal candidate will have deep expertise in cybersecurity frameworks, risk management, regulatory compliance, and security governance. As a Cyber GRC Consultant, you will collaborate with security, IT, and compliance teams to develop and implement cybersecurity policies, conduct risk assessments, and ensure adherence to global security standards and regulations. You will: Work on global projects with a truly global team, with the support of over 330,000 technical staff from our parent organization. Contribute to the development of consulting go-to-market offerings and innovative solutions targeted at the C-Suite executive community that help them to understand and mitigate their cyber risks. Support and maybe lead NIST CSF risk assessments. Help design innovative new services to lead the market incorporating AI and ML where it brings value. Support presales, sales, and account management pursuits from a subject matter expert perspective. You will have already achieved strong career progression to date, and experience working with recognized consulting brands and large commercial sector clients. You will have a passion for cyber security and a genuine interest in staying updated with the latest industry trends and developments. Your security experience must include: A relevant undergrad or post grad degree (Infosec, Cyber Security, IT Security). 1-5 years+ in the field of cyber security/infosec. Your diverse Security experience may include one or some of the following: A good understanding of NIST CSF. A post graduate degree in cyber/information security. An understanding of ISO27001, NIS2, SOX, GDPR, DORA. Cyber Due Diligence Assessments. Third-Party & Supply chain Cyber Risk Management. Incident Response Plan review. Supporting bids, RFP responses and proposals. Crisis Management Exercises (CMX). Accreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM. Helped design Target Operating Models (TOMs) and RACI Matrices. Helping the design of Cyber Security Roadmaps. Supporting Post Incident Reviews. Reading and summarising Cyber Threat Intelligence reports. Cyber security compliance programs (GDPR, DORA, ISO27001, NIS2, SOX). Cyber Security Risk Assessments or Maturity Assessments. Design and deliver awareness training. Worked on Identity and Access Management projects. Worked on Privileged access management projects. Our ideal candidate may have some of the following skills: Have a broad business skill set including stakeholder management, problem-solving, and resilience. Have experience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences. Have excellent interpersonal skills and strong written and verbal communication skills in country's official language(s) (C2 proficiency) and English (C2 proficiency), project-related mobility/willingness to travel. Enjoy working with different clients from different industries. Have some experience in balancing technical and commercial considerations to develop practical advice or solutions for clients. Be able to build strong and effective business relationships at all levels. Be able to support and oversee staff with less experience in their tasks. Be able to explain complex cyber methodologies using accessible non-technical language (both written and verbal). Given that this is just a short snapshot of the role, we encourage you to apply even if you don't meet all the requirements listed above. We are looking for team members who strive to make an impact and are eager to learn. If this sounds like you and you feel you have the skills and experience required, then please apply now. About your team At the Tech Transformation practice, we help CIOs overcome their biggest challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget constraints; enabling them to leverage technology to deliver value to their business. We have a team of business analysts, enterprise architects, and cybersecurity specialists with business, operational, strategic, analytical, and innovation skills that come together to drive business IT alignment, transform IT governance, IT cost containment, operating efficiency improvements, innovation enablement, and cybersecurity risk, governance, and compliance. About Infosys Consulting Be part of a globally renowned management consulting firm on the front-line of industry disruption and at the cutting edge of technology. We work with market-leading brands across sectors. Our culture is inclusive and entrepreneurial. Being a mid-size consultancy within the scale of Infosys gives us the global reach to partner with our clients throughout their transformation journey. Our core values, IC-LIFE, form a common code that helps us move forward. IC-LIFE stands for Inclusion, Equity and Diversity, Client, Leadership, Integrity, Fairness, and Excellence. To learn more about Infosys Consulting and our values, please visit our careers page. Within Europe, we are recognized as one of the UK's top firms by the Financial Times and Forbes due to our client innovations, our cultural diversity, and dedicated training and career paths. Infosys is on Germany's top employers list for 2023. Management Consulting Magazine named us on their list of Best Firms to Work for. Furthermore, Infosys has been recognized by the Top Employers Institute, a global certification company, for its exceptional standards in employee conditions across Europe for five years in a row. We offer industry-leading compensation and benefits, along with top training and development opportunities so that you can grow your career and achieve your personal goals. Curious to learn more? We'd love to hear from you Apply today!
Feb 13, 2025
Full time
Cyber GRC Consultant Tech Transformation Practice London Consultant - Senior Consultant level You want to boost your career and collaborate with expert, talented colleagues to solve and deliver against our clients' most important challenges? We are growing and are looking for people to join our team. You'll be part of an entrepreneurial, high-growth environment of 300,000 employees. Our dynamic organization allows you to work across functional business pillars, contributing your ideas, experiences, diverse thinking, and a strong mindset. Are you ready? About the role We are looking for a highly skilled Cyber GRC (Governance, Risk, and Compliance) Consultant to help organizations strengthen their cybersecurity posture, manage cyber risks, and ensure regulatory compliance. The ideal candidate will have deep expertise in cybersecurity frameworks, risk management, regulatory compliance, and security governance. As a Cyber GRC Consultant, you will collaborate with security, IT, and compliance teams to develop and implement cybersecurity policies, conduct risk assessments, and ensure adherence to global security standards and regulations. You will: Work on global projects with a truly global team, with the support of over 330,000 technical staff from our parent organization. Contribute to the development of consulting go-to-market offerings and innovative solutions targeted at the C-Suite executive community that help them to understand and mitigate their cyber risks. Support and maybe lead NIST CSF risk assessments. Help design innovative new services to lead the market incorporating AI and ML where it brings value. Support presales, sales, and account management pursuits from a subject matter expert perspective. You will have already achieved strong career progression to date, and experience working with recognized consulting brands and large commercial sector clients. You will have a passion for cyber security and a genuine interest in staying updated with the latest industry trends and developments. Your security experience must include: A relevant undergrad or post grad degree (Infosec, Cyber Security, IT Security). 1-5 years+ in the field of cyber security/infosec. Your diverse Security experience may include one or some of the following: A good understanding of NIST CSF. A post graduate degree in cyber/information security. An understanding of ISO27001, NIS2, SOX, GDPR, DORA. Cyber Due Diligence Assessments. Third-Party & Supply chain Cyber Risk Management. Incident Response Plan review. Supporting bids, RFP responses and proposals. Crisis Management Exercises (CMX). Accreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM. Helped design Target Operating Models (TOMs) and RACI Matrices. Helping the design of Cyber Security Roadmaps. Supporting Post Incident Reviews. Reading and summarising Cyber Threat Intelligence reports. Cyber security compliance programs (GDPR, DORA, ISO27001, NIS2, SOX). Cyber Security Risk Assessments or Maturity Assessments. Design and deliver awareness training. Worked on Identity and Access Management projects. Worked on Privileged access management projects. Our ideal candidate may have some of the following skills: Have a broad business skill set including stakeholder management, problem-solving, and resilience. Have experience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences. Have excellent interpersonal skills and strong written and verbal communication skills in country's official language(s) (C2 proficiency) and English (C2 proficiency), project-related mobility/willingness to travel. Enjoy working with different clients from different industries. Have some experience in balancing technical and commercial considerations to develop practical advice or solutions for clients. Be able to build strong and effective business relationships at all levels. Be able to support and oversee staff with less experience in their tasks. Be able to explain complex cyber methodologies using accessible non-technical language (both written and verbal). Given that this is just a short snapshot of the role, we encourage you to apply even if you don't meet all the requirements listed above. We are looking for team members who strive to make an impact and are eager to learn. If this sounds like you and you feel you have the skills and experience required, then please apply now. About your team At the Tech Transformation practice, we help CIOs overcome their biggest challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget constraints; enabling them to leverage technology to deliver value to their business. We have a team of business analysts, enterprise architects, and cybersecurity specialists with business, operational, strategic, analytical, and innovation skills that come together to drive business IT alignment, transform IT governance, IT cost containment, operating efficiency improvements, innovation enablement, and cybersecurity risk, governance, and compliance. About Infosys Consulting Be part of a globally renowned management consulting firm on the front-line of industry disruption and at the cutting edge of technology. We work with market-leading brands across sectors. Our culture is inclusive and entrepreneurial. Being a mid-size consultancy within the scale of Infosys gives us the global reach to partner with our clients throughout their transformation journey. Our core values, IC-LIFE, form a common code that helps us move forward. IC-LIFE stands for Inclusion, Equity and Diversity, Client, Leadership, Integrity, Fairness, and Excellence. To learn more about Infosys Consulting and our values, please visit our careers page. Within Europe, we are recognized as one of the UK's top firms by the Financial Times and Forbes due to our client innovations, our cultural diversity, and dedicated training and career paths. Infosys is on Germany's top employers list for 2023. Management Consulting Magazine named us on their list of Best Firms to Work for. Furthermore, Infosys has been recognized by the Top Employers Institute, a global certification company, for its exceptional standards in employee conditions across Europe for five years in a row. We offer industry-leading compensation and benefits, along with top training and development opportunities so that you can grow your career and achieve your personal goals. Curious to learn more? We'd love to hear from you Apply today!
In Technology Group Limited
Manchester, Lancashire
Senior Cyber Security Analyst Wanted in Manchester! Salary: £50,000 - £70,000 Are you a Cyber Security expert ready to take the lead in a dynamic and cutting-edge environment? Join our team in Manchester as a Senior Cyber Security Analyst and make a significant impact on our organization's security posture. Key Responsibilities: Threat Detection and Response: Utilize advanced tools and techniques to detect and respond to security incidents promptly. Incident Management: Lead incident response efforts, coordinating with cross-functional teams for effective resolution. Vulnerability Management: Conduct assessments, identify vulnerabilities, and implement strategies for remediation. Security Architecture: Provide expertise in designing and implementing robust security architectures. Security Awareness: Foster a culture of security awareness and best practices throughout the organization. Qualifications: ? Experience: Minimum of 5 years in Cyber Security roles with a focus on analysis and incident response. ? Certifications: CISSP, CISM, or equivalent certifications highly desirable. ? Technical Proficiency: Strong understanding of security technologies, network protocols, and emerging threats. ? Leadership Skills: Proven ability to lead and mentor a team of security professionals effectively. Perks and Benefits: ? Competitive Compensation: Enjoy a competitive salary with performance-based bonuses. ? Comprehensive Benefits: Health, dental, and retirement benefits to ensure your well-being. ? Work-Life Balance: Flexible work hours and remote work options available. ? Professional Development: Access to training programs and certifications to support your continuous learning. Why Us: ? Innovation Hub: Be part of a forward-thinking organization at the forefront of technological advancements. ? Collaborative Culture: Join a team that values collaboration, creativity, and a passion for staying ahead of cyber threats. ? Career Growth: We believe in investing in our team's development, offering ample opportunities for career advancement. If you are passionate about cyber security and want to be part of a team dedicated to excellence, apply now and let's shape the future of security together! ? In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Feb 01, 2024
Full time
Senior Cyber Security Analyst Wanted in Manchester! Salary: £50,000 - £70,000 Are you a Cyber Security expert ready to take the lead in a dynamic and cutting-edge environment? Join our team in Manchester as a Senior Cyber Security Analyst and make a significant impact on our organization's security posture. Key Responsibilities: Threat Detection and Response: Utilize advanced tools and techniques to detect and respond to security incidents promptly. Incident Management: Lead incident response efforts, coordinating with cross-functional teams for effective resolution. Vulnerability Management: Conduct assessments, identify vulnerabilities, and implement strategies for remediation. Security Architecture: Provide expertise in designing and implementing robust security architectures. Security Awareness: Foster a culture of security awareness and best practices throughout the organization. Qualifications: ? Experience: Minimum of 5 years in Cyber Security roles with a focus on analysis and incident response. ? Certifications: CISSP, CISM, or equivalent certifications highly desirable. ? Technical Proficiency: Strong understanding of security technologies, network protocols, and emerging threats. ? Leadership Skills: Proven ability to lead and mentor a team of security professionals effectively. Perks and Benefits: ? Competitive Compensation: Enjoy a competitive salary with performance-based bonuses. ? Comprehensive Benefits: Health, dental, and retirement benefits to ensure your well-being. ? Work-Life Balance: Flexible work hours and remote work options available. ? Professional Development: Access to training programs and certifications to support your continuous learning. Why Us: ? Innovation Hub: Be part of a forward-thinking organization at the forefront of technological advancements. ? Collaborative Culture: Join a team that values collaboration, creativity, and a passion for staying ahead of cyber threats. ? Career Growth: We believe in investing in our team's development, offering ample opportunities for career advancement. If you are passionate about cyber security and want to be part of a team dedicated to excellence, apply now and let's shape the future of security together! ? In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
As a Cyber Security Manager, you will be working with different teams to deliver high quality work. Help gain comfort by using your technical knowledge of Cyber Security risks and controls. Your role will require you to lead teams on a range of Cyber Security engagements, supporting services to design and assess the effectiveness of their Cyber Security mechanisms. Client Details National organisation within the public sector based in Cardiff Description As a Cyber Security Manager in our Digital Directorate, you will be working with different teams to deliver high quality work. You will help gain comfort by using your technical knowledge of Cyber Security risks and controls. You will actively improve operational efficiency on projects and internal initiatives, in line with the UHB's commitment to quality. Your role will require you to lead teams on a range of Cyber Security engagements, supporting services to design and assess the effectiveness of their Cyber Security mechanisms. Provide and receive complex, sensitive information relating to Cyber Security andCorporate issues ensuring the safe operation of the organisations ICT systems Investigate complex Cyber Security enquiries providing assistance & advice asrequired Coordinate Cyber Security incident responses at organisational level Communicate complex ICT and Cyber Security issues to non-ICT managers Negotiate with external organisations over service issues and supply chain management Leads on Cyber Security issues and compliance in ICT Implement Cyber Security policy, procedures and processes which impacts Informatics and within own team Ensures that all health board hardware and software are security protected Achieve and maintain compliance with National Cyber Security Standards Manage the operation of Cyber Security information system within the health board Develop Cyber Incident Management procedures in conjunction with other ICT leads and health board emergency planning team Evaluation of Cyber Security solutions, either hardware or software based, for use in organisation Regular testing of Cyber Incident Management procedures in conjunction with other ICT leads and health board emergency planning team Profile A strong academic background to degree level or equivalent experience in a directly related role A related professional certification, for example; Certified Information systems security professional (CISSP), Certified Information Security Manager (CISM) Solid IT and/or technology background ITIL Foundation Educated to Degree level (preferably Cyber Security) or equivalent level of work experience and knowledge Degree educated in an IT related discipline Information Technology Infrastructure Library (ITIL) Foundation Certificate IT based qualification preferably security related such as GCIA Certified intrusion Analyst, etc. ITIL Managing Across the Lifecycle PRINCE2 Foundation Formal leadership training at equivalent or greater to Institute of Leadership & Management (ILM) Level 5 Application Form Certificate Check CAJE Reference: RWM/2019/0140 Professional qualification or membership in cyber security (International Information Systems Security Certification (ISC2), British Computer Society (BCS), National Computer Security Centre (NCSC), etc) or equivalent Evidence of Continual Professional Development At least 3 years working in an IT based role preferably in a security related area Strong knowledge and experience of a number of the following; Information Security, architecture design and implementation, security assessments, Identity and Access Management, Third Party Risk Management and IT Controls Testing Awareness of National and International security standards Relevant experience working in a senior Cyber Security Role Broad knowledge of and understanding of IT Knowledge of IT security principles Full stack knowledge from network to server Excellent understanding of cyber security best practices and terminology Knowledge of desktop and mobile devices and operating systems Good knowledge of common cyber security tools and solutions Good understanding of security monitoring and alerting solutions Excellent understanding of Cyber Security professional code of conduct Good understanding of vulnerability scanning and penetration testing Job Offer Permanent Salary: £41,659 - £47,672 + Benefits Location: Cardiff Flexible working Patterns
Dec 18, 2022
Full time
As a Cyber Security Manager, you will be working with different teams to deliver high quality work. Help gain comfort by using your technical knowledge of Cyber Security risks and controls. Your role will require you to lead teams on a range of Cyber Security engagements, supporting services to design and assess the effectiveness of their Cyber Security mechanisms. Client Details National organisation within the public sector based in Cardiff Description As a Cyber Security Manager in our Digital Directorate, you will be working with different teams to deliver high quality work. You will help gain comfort by using your technical knowledge of Cyber Security risks and controls. You will actively improve operational efficiency on projects and internal initiatives, in line with the UHB's commitment to quality. Your role will require you to lead teams on a range of Cyber Security engagements, supporting services to design and assess the effectiveness of their Cyber Security mechanisms. Provide and receive complex, sensitive information relating to Cyber Security andCorporate issues ensuring the safe operation of the organisations ICT systems Investigate complex Cyber Security enquiries providing assistance & advice asrequired Coordinate Cyber Security incident responses at organisational level Communicate complex ICT and Cyber Security issues to non-ICT managers Negotiate with external organisations over service issues and supply chain management Leads on Cyber Security issues and compliance in ICT Implement Cyber Security policy, procedures and processes which impacts Informatics and within own team Ensures that all health board hardware and software are security protected Achieve and maintain compliance with National Cyber Security Standards Manage the operation of Cyber Security information system within the health board Develop Cyber Incident Management procedures in conjunction with other ICT leads and health board emergency planning team Evaluation of Cyber Security solutions, either hardware or software based, for use in organisation Regular testing of Cyber Incident Management procedures in conjunction with other ICT leads and health board emergency planning team Profile A strong academic background to degree level or equivalent experience in a directly related role A related professional certification, for example; Certified Information systems security professional (CISSP), Certified Information Security Manager (CISM) Solid IT and/or technology background ITIL Foundation Educated to Degree level (preferably Cyber Security) or equivalent level of work experience and knowledge Degree educated in an IT related discipline Information Technology Infrastructure Library (ITIL) Foundation Certificate IT based qualification preferably security related such as GCIA Certified intrusion Analyst, etc. ITIL Managing Across the Lifecycle PRINCE2 Foundation Formal leadership training at equivalent or greater to Institute of Leadership & Management (ILM) Level 5 Application Form Certificate Check CAJE Reference: RWM/2019/0140 Professional qualification or membership in cyber security (International Information Systems Security Certification (ISC2), British Computer Society (BCS), National Computer Security Centre (NCSC), etc) or equivalent Evidence of Continual Professional Development At least 3 years working in an IT based role preferably in a security related area Strong knowledge and experience of a number of the following; Information Security, architecture design and implementation, security assessments, Identity and Access Management, Third Party Risk Management and IT Controls Testing Awareness of National and International security standards Relevant experience working in a senior Cyber Security Role Broad knowledge of and understanding of IT Knowledge of IT security principles Full stack knowledge from network to server Excellent understanding of cyber security best practices and terminology Knowledge of desktop and mobile devices and operating systems Good knowledge of common cyber security tools and solutions Good understanding of security monitoring and alerting solutions Excellent understanding of Cyber Security professional code of conduct Good understanding of vulnerability scanning and penetration testing Job Offer Permanent Salary: £41,659 - £47,672 + Benefits Location: Cardiff Flexible working Patterns
Are you an experienced Senior Security Operations analyst/officer, who has worked extensively in a Microsoft security focussed environment? Are you now looking to further your skills by developing a cloud security specialism? If so, this is fantastic opportunity to join and further develop a best of breed Info Sec function within an exemplar organisation - a public sector body that holds the government to account. The Senior Information Security Officer: Cloud Security will be responsible for the following: Cloud Security Assurance Using your knowledge of Microsoft's Azure and Defender capabilities discover, validate and drive treatment of security threats, risks, vulnerabilities, and configuration gaps that may exist across the organisation's cloud services. Define, refine, and deliver cloud security controls, empowering the organisation in its continued application of security and privacy by default principles. Develop and maintain a schedule for the ongoing assessment of cloud security controls, seeking opportunities to leverage automation to enable a continuous assurance culture. Support the ongoing assurance of suppliers and cloud service provider (CSPs), advising on cloud specific regulatory risks or regulatory requirements relating to cloud assurance. Advise on and support the implementation of effective and pragmatic security controls across all SaaS applications in use or being assessed by the organisation. Alongside the Senior SecOps Officer, deliver a protect, detect, and respond role, investigating and responding to alerts and supporting the usual activities of a SecOps function. Support the implementation and use of Microsoft Sentinel within the SecOps function. Risk Management Proactively identify, evaluate, and assess threats and risks that may impact the organisation's ability to deliver on its vision and strategy. Management Systems Support the ongoing retention of the organisation's information security certifications. Lead on the development of standards ensuring that appropriate monitoring, prevent, CASB, DLP and compliance controls are applied. Support the wider business in the delivery of secure, strategic business changes and technical projects. Deliver and maintain documentation and procedures to ensure effective, ongoing management of the ISMS. Evangelise information security, as an SME Continuous Improvement Maintain awareness of security industry best practice to drive continuous improvement within the organisation. Identify, develop, implement, and continuously improve appropriate and proportionate cloud security controls in response to an evolving threat landscape. Provide technical expertise in support of internal security designs, projects, and activities. Work in collaboration with the wider Information Security and Digital Services teams in the continuous improvement of cloud controls, policies, and standards; as part of our ISO27001 certified Information Security. Stakeholder Engagement Collaborate with and build relationships with key stakeholder groups, such as Information Security and Digital Services. Build strong relationships with stakeholder groups outside of the team to establish a strong understanding of the organisation and its needs. Key skills/competencies required: Essential Demonstrable, technical background working in an information security or cyber security role within a fast paced and dynamic environment. Demonstrable hands-on experience contributing to the delivery of and continuous improvement of cloud security controls. Demonstrable experience working with cloud security technologies across IaaS, PaaS, SaaS, or hybrid cloud environments. Must hold, or be able to achieve within six months, a relevant industry certification, such as CISSP, CCSP, CISM, CISA or similar. Strong background in the identification, evaluation and assessment of cloud security threats and risks; and providing recommendations on appropriate and proportionate mitigations. SC Security Clearance, or able to achieve SC clearance* Strong experience with two or more of the following toolsets: Identity & Access Management platforms (such as Azure Active Directory) Threat Protection tools (such as Defender ATP, Office 365 ATP, and Cloud App Security) Web application Firewalls (such as Cloudflare or Azure WAF) Security Incident & Event Management (SIEM) platforms (such as Azure Sentinel) Compliance and Privacy (Microsoft Purview) Benefits Flexible, hybrid working: 2 days a week in London office 30% employer pension contribution Take your bank holidays whenever you want Support in training and career development Nationality Requirements: -UK nationals -nationals of Commonwealth countries who have the right to work in the UK -nationals from the EU, EEA or Switzerland with (or eligible for) status under the European Union Settlement Scheme (EUSS)
Dec 16, 2022
Full time
Are you an experienced Senior Security Operations analyst/officer, who has worked extensively in a Microsoft security focussed environment? Are you now looking to further your skills by developing a cloud security specialism? If so, this is fantastic opportunity to join and further develop a best of breed Info Sec function within an exemplar organisation - a public sector body that holds the government to account. The Senior Information Security Officer: Cloud Security will be responsible for the following: Cloud Security Assurance Using your knowledge of Microsoft's Azure and Defender capabilities discover, validate and drive treatment of security threats, risks, vulnerabilities, and configuration gaps that may exist across the organisation's cloud services. Define, refine, and deliver cloud security controls, empowering the organisation in its continued application of security and privacy by default principles. Develop and maintain a schedule for the ongoing assessment of cloud security controls, seeking opportunities to leverage automation to enable a continuous assurance culture. Support the ongoing assurance of suppliers and cloud service provider (CSPs), advising on cloud specific regulatory risks or regulatory requirements relating to cloud assurance. Advise on and support the implementation of effective and pragmatic security controls across all SaaS applications in use or being assessed by the organisation. Alongside the Senior SecOps Officer, deliver a protect, detect, and respond role, investigating and responding to alerts and supporting the usual activities of a SecOps function. Support the implementation and use of Microsoft Sentinel within the SecOps function. Risk Management Proactively identify, evaluate, and assess threats and risks that may impact the organisation's ability to deliver on its vision and strategy. Management Systems Support the ongoing retention of the organisation's information security certifications. Lead on the development of standards ensuring that appropriate monitoring, prevent, CASB, DLP and compliance controls are applied. Support the wider business in the delivery of secure, strategic business changes and technical projects. Deliver and maintain documentation and procedures to ensure effective, ongoing management of the ISMS. Evangelise information security, as an SME Continuous Improvement Maintain awareness of security industry best practice to drive continuous improvement within the organisation. Identify, develop, implement, and continuously improve appropriate and proportionate cloud security controls in response to an evolving threat landscape. Provide technical expertise in support of internal security designs, projects, and activities. Work in collaboration with the wider Information Security and Digital Services teams in the continuous improvement of cloud controls, policies, and standards; as part of our ISO27001 certified Information Security. Stakeholder Engagement Collaborate with and build relationships with key stakeholder groups, such as Information Security and Digital Services. Build strong relationships with stakeholder groups outside of the team to establish a strong understanding of the organisation and its needs. Key skills/competencies required: Essential Demonstrable, technical background working in an information security or cyber security role within a fast paced and dynamic environment. Demonstrable hands-on experience contributing to the delivery of and continuous improvement of cloud security controls. Demonstrable experience working with cloud security technologies across IaaS, PaaS, SaaS, or hybrid cloud environments. Must hold, or be able to achieve within six months, a relevant industry certification, such as CISSP, CCSP, CISM, CISA or similar. Strong background in the identification, evaluation and assessment of cloud security threats and risks; and providing recommendations on appropriate and proportionate mitigations. SC Security Clearance, or able to achieve SC clearance* Strong experience with two or more of the following toolsets: Identity & Access Management platforms (such as Azure Active Directory) Threat Protection tools (such as Defender ATP, Office 365 ATP, and Cloud App Security) Web application Firewalls (such as Cloudflare or Azure WAF) Security Incident & Event Management (SIEM) platforms (such as Azure Sentinel) Compliance and Privacy (Microsoft Purview) Benefits Flexible, hybrid working: 2 days a week in London office 30% employer pension contribution Take your bank holidays whenever you want Support in training and career development Nationality Requirements: -UK nationals -nationals of Commonwealth countries who have the right to work in the UK -nationals from the EU, EEA or Switzerland with (or eligible for) status under the European Union Settlement Scheme (EUSS)
As a Cyber Security Manager, you will be working with different teams to deliver high quality work. Help gain comfort by using your technical knowledge of Cyber Security risks and controls. Your role will require you to lead teams on a range of Cyber Security engagements, supporting services to design and assess the effectiveness of their Cyber Security mechanisms. Client Details National organisation within the public sector based in Cardiff Description As a Cyber Security Manager in our Digital Directorate, you will be working with different teams to deliver high quality work. You will help gain comfort by using your technical knowledge of Cyber Security risks and controls. You will actively improve operational efficiency on projects and internal initiatives, in line with the UHB's commitment to quality. Your role will require you to lead teams on a range of Cyber Security engagements, supporting services to design and assess the effectiveness of their Cyber Security mechanisms. Provide and receive complex, sensitive information relating to Cyber Security and Corporate issues ensuring the safe operation of the organisations ICT systems Investigate complex Cyber Security enquiries providing assistance & advice as required Coordinate Cyber Security incident responses at organisational level Communicate complex ICT and Cyber Security issues to non-ICT managers Negotiate with external organisations over service issues and supply chain management Leads on Cyber Security issues and compliance in ICT Implement Cyber Security policy, procedures and processes which impacts Informatics and within own team Ensures that all health board hardware and software are security protected Achieve and maintain compliance with National Cyber Security Standards Manage the operation of Cyber Security information system within the health board Develop Cyber Incident Management procedures in conjunction with other ICT leads and health board emergency planning team Evaluation of Cyber Security solutions, either hardware or software based, for use in organisation Regular testing of Cyber Incident Management procedures in conjunction with other ICT leads and health board emergency planning team Profile A strong academic background to degree level or equivalent experience in a directly related role A related professional certification, for example; Certified Information systems security professional (CISSP), Certified Information Security Manager (CISM) Solid IT and/or technology background ITIL Foundation Educated to Degree level (preferably Cyber Security) or equivalent level of work experience and knowledge Degree educated in an IT related discipline Information Technology Infrastructure Library (ITIL) Foundation Certificate IT based qualification preferably security related such as GCIA Certified intrusion Analyst, etc. ITIL Managing Across the Lifecycle PRINCE2 Foundation Formal leadership training at equivalent or greater to Institute of Leadership & Management (ILM) Level 5 Application Form Certificate Check CAJE Reference: RWM/2019/0140 Professional qualification or membership in cyber security (International Information Systems Security Certification (ISC2), British Computer Society (BCS), National Computer Security Centre (NCSC), etc) or equivalent Evidence of Continual Professional Development At least 3 years working in an IT based role preferably in a security related area Strong knowledge and experience of a number of the following; Information Security, architecture design and implementation, security assessments, Identity and Access Management, Third Party Risk Management and IT Controls Testing Awareness of National and International security standards Relevant experience working in a senior Cyber Security Role Broad knowledge of and understanding of IT Knowledge of IT security principles Full stack knowledge from network to server Excellent understanding of cyber security best practices and terminology Knowledge of desktop and mobile devices and operating systems Good knowledge of common cyber security tools and solutions Good understanding of security monitoring and alerting solutions Excellent understanding of Cyber Security professional code of conduct Good understanding of vulnerability scanning and penetration testing Job Offer Permanent Salary: £41,659 - £47,672 + Benefits Location: Cardiff Flexible working Patterns
Dec 16, 2022
Full time
As a Cyber Security Manager, you will be working with different teams to deliver high quality work. Help gain comfort by using your technical knowledge of Cyber Security risks and controls. Your role will require you to lead teams on a range of Cyber Security engagements, supporting services to design and assess the effectiveness of their Cyber Security mechanisms. Client Details National organisation within the public sector based in Cardiff Description As a Cyber Security Manager in our Digital Directorate, you will be working with different teams to deliver high quality work. You will help gain comfort by using your technical knowledge of Cyber Security risks and controls. You will actively improve operational efficiency on projects and internal initiatives, in line with the UHB's commitment to quality. Your role will require you to lead teams on a range of Cyber Security engagements, supporting services to design and assess the effectiveness of their Cyber Security mechanisms. Provide and receive complex, sensitive information relating to Cyber Security and Corporate issues ensuring the safe operation of the organisations ICT systems Investigate complex Cyber Security enquiries providing assistance & advice as required Coordinate Cyber Security incident responses at organisational level Communicate complex ICT and Cyber Security issues to non-ICT managers Negotiate with external organisations over service issues and supply chain management Leads on Cyber Security issues and compliance in ICT Implement Cyber Security policy, procedures and processes which impacts Informatics and within own team Ensures that all health board hardware and software are security protected Achieve and maintain compliance with National Cyber Security Standards Manage the operation of Cyber Security information system within the health board Develop Cyber Incident Management procedures in conjunction with other ICT leads and health board emergency planning team Evaluation of Cyber Security solutions, either hardware or software based, for use in organisation Regular testing of Cyber Incident Management procedures in conjunction with other ICT leads and health board emergency planning team Profile A strong academic background to degree level or equivalent experience in a directly related role A related professional certification, for example; Certified Information systems security professional (CISSP), Certified Information Security Manager (CISM) Solid IT and/or technology background ITIL Foundation Educated to Degree level (preferably Cyber Security) or equivalent level of work experience and knowledge Degree educated in an IT related discipline Information Technology Infrastructure Library (ITIL) Foundation Certificate IT based qualification preferably security related such as GCIA Certified intrusion Analyst, etc. ITIL Managing Across the Lifecycle PRINCE2 Foundation Formal leadership training at equivalent or greater to Institute of Leadership & Management (ILM) Level 5 Application Form Certificate Check CAJE Reference: RWM/2019/0140 Professional qualification or membership in cyber security (International Information Systems Security Certification (ISC2), British Computer Society (BCS), National Computer Security Centre (NCSC), etc) or equivalent Evidence of Continual Professional Development At least 3 years working in an IT based role preferably in a security related area Strong knowledge and experience of a number of the following; Information Security, architecture design and implementation, security assessments, Identity and Access Management, Third Party Risk Management and IT Controls Testing Awareness of National and International security standards Relevant experience working in a senior Cyber Security Role Broad knowledge of and understanding of IT Knowledge of IT security principles Full stack knowledge from network to server Excellent understanding of cyber security best practices and terminology Knowledge of desktop and mobile devices and operating systems Good knowledge of common cyber security tools and solutions Good understanding of security monitoring and alerting solutions Excellent understanding of Cyber Security professional code of conduct Good understanding of vulnerability scanning and penetration testing Job Offer Permanent Salary: £41,659 - £47,672 + Benefits Location: Cardiff Flexible working Patterns
Contents Location About the job Benefits Things you need to know Apply and further information Location Belfast, Cardiff, Darlington, Edinburgh, London About the job Summary Join a team at the heart of the global economy! We create digital services, data tools and technology for businesses to prosper around the world. Have a look at our video ! Our Digital, Data and Technology team develops and operates tools, services, and platforms that enable the UK government to provide world leading support to businesses in the UK and overseas. Youll get to constantly push boundaries in an environment free of heavy legacy, driven by curiosity, social purpose, diversity of thought, entrepreneurship, and the aspiration to offer an incredible experience to all our users. Find out more on our blog, Digital Trade. Job description This role sits within the DIT Security Operations Centre (SOC), which is responsible for the identification and handling of security threats. You will be responsible for the monitoring aspects of the SOCs Target Operating Model (TOM) at a high level, acting as the final point of escalation for the resolution of incidents identified by SOC analysts. A key part of the role will be the identification and implementation of lessons learned from cyber security incidents as part of a continuous improvement cycle. Improvements to DITs capability to detect and response will be a priority. In the role you will be managing and mentoring junior SOC staff, and so this role is suitable for someone looking for a position of responsibility. Responsibilities Responsibilities In your day-to-day role, you will: Lead the implementation of the DIT monitoring policyand management of the SOC TOM, providing expert advice to junior SOC staff. Review existing and new data sources being ingested into the SIEM and propose and implement use cases for detection and analysis. Produce thorough documentation on complex incidents focussing on the improvements that can be made to processes, playbooks, and tooling. Manage incident response exercises and scoping, design and governance of red-teaming and threat-hunting activity in collaboration with the Threat Hunterand in line with DITs policies. Communicate the significance of the results of investigations and risk mitigation outcomes and engage with a broad range of senior stakeholders. Be responsible for defining the vision, principles, and strategy for incident response. Essential Skills and Experience You should be able to demonstrate essential skills and experience of: Significant experience of working at tier 2 or tier 3 in a SOC with management/mentoring responsibilities . Demonstrable experience with KQL or similar query language . Solid knowledge of various information security frameworks, for example MITRE. Demonstrable experience in cyber security incident management . Effective verbal and written communication skills. Demonstrable knowledge and experience of intrusion detection and analysis skills . Desirable Skills and Experience While not essential, it would be ideal if you have demonstrable skills and experience of: SIEM and Security Software, especially Microsoft Professional information security certification CISSP or similar. Experience of working in a multi-cloud environment. Knowledge or experience of forensics. Benefits Learning and development tailored to your role An environment with flexible working options A culture encouraging inclusion and diversity A Civil Service pension with an average employer contribution of 27% Things you need to know Security Successful candidates must pass a disclosure and barring security check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check . See our vetting charter . People working with government assets must complete basic personnel security standard checks. Selection process details We are closely monitoring the situation regarding the coronavirus, and will be following central Government advice as it is issued. There is therefore a risk that recruitment to this post may be subject to change at short notice. In addition, where appropriate, you may be invited to attend a video interview. Please continue to follow the application process as normal and ensure that you check your emails regularly as all updates from us will be sent to you this way. Assessment and Interview As part of the application process you will be asked to upload a CV which outlines your experience, skills and fit for the role. At the sift stage for this role, Inspire People will assess you against the essential criteria listed above to compile a long list of applications. If you are progressed through to this stage, you will be asked to complete a short, pre-recorded video interview with Inspire People or provide written answers to questions. These applications will then be sifted by DIT hiring managers. Initial sifting will take place the week commencing 26th September, with CV submissions to DIT on the 30th September. Interviews will take place the week commencing 10th October. Please note that these dates are indicative and may be subject to change. At the interview stage for this role, we will assess your technical/specialist experience, outlined in the above role description, testing your ability through relevant assessments/presentations and ask you questions around Behaviours and Technical skills, which are part of the Civil Service Success Profiles . The technical element within the interview, where you will be asked a series of questions to demonstrate your specific professional skills and knowledge related directly to the job role and context, will assess against these Technical Skills: Intrusion detection and analysis Threat intelligence and assessment Incident management, investigation, and response Information risk assessment and risk management Applied security capability Query language expertise You will also be assessed against the Behaviours of: Developing Self and Others Changing and Improving Delivering at Pace Offer Stage Appointments may be made to candidates in merit order based on location preferences. The salary we will offer is determined using interview performance. Scores at interview translate to proficiency levels and an associated salary. Once a successful candidate has a proficiency level and is part of the capability framework, they will be given opportunities to self-assess to progress through the pay scale within their grade during their time at DIT. For further explanation of proficiency levels and more information about DDaT click here. The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. Candidates who pass the bar at interview but are not the highest scoring will be held on a 12-month reserve list for future appointments. Candidates who are judged to be a near miss at interview may be offered a post at the grade below the one advertised. If successful and transferring from another Government Department a criminal record check may be carried out. The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. Harmonised terms and conditions are attached. Please take time to read the document to determine how these may affect you. Please note the successful candidate will be expected to remain in post for a minimum of 18 months before being released for another role. Any move to the Department for International Trade from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at New entrants are expected to join on the minimum of the pay band. Reasonable adjustment If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes. If you need a change to be made so that you can make your application, you should contact the DDaT Recruitment team before the closing date to discuss your needs. Our recruitment process is underpinned by the principle of appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commissioners Recruitment Principles. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DIT by email: ..... click apply for full job details
Sep 09, 2022
Full time
Contents Location About the job Benefits Things you need to know Apply and further information Location Belfast, Cardiff, Darlington, Edinburgh, London About the job Summary Join a team at the heart of the global economy! We create digital services, data tools and technology for businesses to prosper around the world. Have a look at our video ! Our Digital, Data and Technology team develops and operates tools, services, and platforms that enable the UK government to provide world leading support to businesses in the UK and overseas. Youll get to constantly push boundaries in an environment free of heavy legacy, driven by curiosity, social purpose, diversity of thought, entrepreneurship, and the aspiration to offer an incredible experience to all our users. Find out more on our blog, Digital Trade. Job description This role sits within the DIT Security Operations Centre (SOC), which is responsible for the identification and handling of security threats. You will be responsible for the monitoring aspects of the SOCs Target Operating Model (TOM) at a high level, acting as the final point of escalation for the resolution of incidents identified by SOC analysts. A key part of the role will be the identification and implementation of lessons learned from cyber security incidents as part of a continuous improvement cycle. Improvements to DITs capability to detect and response will be a priority. In the role you will be managing and mentoring junior SOC staff, and so this role is suitable for someone looking for a position of responsibility. Responsibilities Responsibilities In your day-to-day role, you will: Lead the implementation of the DIT monitoring policyand management of the SOC TOM, providing expert advice to junior SOC staff. Review existing and new data sources being ingested into the SIEM and propose and implement use cases for detection and analysis. Produce thorough documentation on complex incidents focussing on the improvements that can be made to processes, playbooks, and tooling. Manage incident response exercises and scoping, design and governance of red-teaming and threat-hunting activity in collaboration with the Threat Hunterand in line with DITs policies. Communicate the significance of the results of investigations and risk mitigation outcomes and engage with a broad range of senior stakeholders. Be responsible for defining the vision, principles, and strategy for incident response. Essential Skills and Experience You should be able to demonstrate essential skills and experience of: Significant experience of working at tier 2 or tier 3 in a SOC with management/mentoring responsibilities . Demonstrable experience with KQL or similar query language . Solid knowledge of various information security frameworks, for example MITRE. Demonstrable experience in cyber security incident management . Effective verbal and written communication skills. Demonstrable knowledge and experience of intrusion detection and analysis skills . Desirable Skills and Experience While not essential, it would be ideal if you have demonstrable skills and experience of: SIEM and Security Software, especially Microsoft Professional information security certification CISSP or similar. Experience of working in a multi-cloud environment. Knowledge or experience of forensics. Benefits Learning and development tailored to your role An environment with flexible working options A culture encouraging inclusion and diversity A Civil Service pension with an average employer contribution of 27% Things you need to know Security Successful candidates must pass a disclosure and barring security check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check . See our vetting charter . People working with government assets must complete basic personnel security standard checks. Selection process details We are closely monitoring the situation regarding the coronavirus, and will be following central Government advice as it is issued. There is therefore a risk that recruitment to this post may be subject to change at short notice. In addition, where appropriate, you may be invited to attend a video interview. Please continue to follow the application process as normal and ensure that you check your emails regularly as all updates from us will be sent to you this way. Assessment and Interview As part of the application process you will be asked to upload a CV which outlines your experience, skills and fit for the role. At the sift stage for this role, Inspire People will assess you against the essential criteria listed above to compile a long list of applications. If you are progressed through to this stage, you will be asked to complete a short, pre-recorded video interview with Inspire People or provide written answers to questions. These applications will then be sifted by DIT hiring managers. Initial sifting will take place the week commencing 26th September, with CV submissions to DIT on the 30th September. Interviews will take place the week commencing 10th October. Please note that these dates are indicative and may be subject to change. At the interview stage for this role, we will assess your technical/specialist experience, outlined in the above role description, testing your ability through relevant assessments/presentations and ask you questions around Behaviours and Technical skills, which are part of the Civil Service Success Profiles . The technical element within the interview, where you will be asked a series of questions to demonstrate your specific professional skills and knowledge related directly to the job role and context, will assess against these Technical Skills: Intrusion detection and analysis Threat intelligence and assessment Incident management, investigation, and response Information risk assessment and risk management Applied security capability Query language expertise You will also be assessed against the Behaviours of: Developing Self and Others Changing and Improving Delivering at Pace Offer Stage Appointments may be made to candidates in merit order based on location preferences. The salary we will offer is determined using interview performance. Scores at interview translate to proficiency levels and an associated salary. Once a successful candidate has a proficiency level and is part of the capability framework, they will be given opportunities to self-assess to progress through the pay scale within their grade during their time at DIT. For further explanation of proficiency levels and more information about DDaT click here. The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. Candidates who pass the bar at interview but are not the highest scoring will be held on a 12-month reserve list for future appointments. Candidates who are judged to be a near miss at interview may be offered a post at the grade below the one advertised. If successful and transferring from another Government Department a criminal record check may be carried out. The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. Harmonised terms and conditions are attached. Please take time to read the document to determine how these may affect you. Please note the successful candidate will be expected to remain in post for a minimum of 18 months before being released for another role. Any move to the Department for International Trade from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at New entrants are expected to join on the minimum of the pay band. Reasonable adjustment If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes. If you need a change to be made so that you can make your application, you should contact the DDaT Recruitment team before the closing date to discuss your needs. Our recruitment process is underpinned by the principle of appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commissioners Recruitment Principles. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DIT by email: ..... click apply for full job details
Role Introduction Advanced are looking for a Security Analyst to work with our Customers in delivering a virtual Security Manager service. This is an Information Security Assurance role with a strong focus on people, process and tooling; your remit will cover all aspects of Information Security Management. The Security Assurance team are responsible for the delivery of Information Security knowledge and guidance across the business, ultimately enabling services to our customers. You will be part of a wider team covering all aspects of Information Security and reporting into the Security Assurance Manager. We are looking for individuals who have a passion for cyber security and hold transferable technical skills, either from degree education or from professional experience. What you will do Manage the provision of Information Security Assurance to our customers. Advise and guide the remediation of risks and issues identified through pragmatic control definition taking cost and technical aspects into account. Help customers manage information security related incidents though liaison with Advanced teams and pragmatic advice. The focus on communication is a key aspect of this task along with expectation management. Provide Insight, Service and Transparency; Insight to drive decisions, empowering us to deliver continuous improvement and innovation to our customers, Service through listening to our customer's needs, owning our customers concerns and delivering robust solutions quickly, Transparency so our customers know exactly where their requests or incidents are in the process. What you will have Experience within a similar environment Profession Information Security Qualification (CISSP, CRISC, CISM) Knowledge of GDPR/DPA18, ISO 27001 and security testing Strong communication skills with an ability to set expectations with our customers What We Do For You Generous Annual Leave - 20-25 days, plus public holidays, with the possibility to buy additional days Summer Fridays! Every Friday afternoon off throughout July and August 2022 (or equivalent time in the week ) Life Insurance - 3-4x times annual salary Top Achievers Club - Our yearly VIP trip includes flights, transfers and accommodation to recognise excellence in our employees 65% Internal Mobility - Committed to the development & growth of our people All our benefits are subject to location Who We Are Advanced are one of the UK's largest and most successful software companies. Our products sit at the heart of some of the country's best-known businesses, powering their key services and functions. Driven by the millions of people who interact with our products every day in hospitals, schools, transport providers, sports clubs and a wide range of instantly recognisable brands. We've grown phenomenally quickly with a £275m turnover and 2,800 staff serving over 25,000 customers across the UK. As an employer, we do things differently. We hire differently. We promote at pace. We recognise excellence. Find out more at about-us
Dec 07, 2021
Full time
Role Introduction Advanced are looking for a Security Analyst to work with our Customers in delivering a virtual Security Manager service. This is an Information Security Assurance role with a strong focus on people, process and tooling; your remit will cover all aspects of Information Security Management. The Security Assurance team are responsible for the delivery of Information Security knowledge and guidance across the business, ultimately enabling services to our customers. You will be part of a wider team covering all aspects of Information Security and reporting into the Security Assurance Manager. We are looking for individuals who have a passion for cyber security and hold transferable technical skills, either from degree education or from professional experience. What you will do Manage the provision of Information Security Assurance to our customers. Advise and guide the remediation of risks and issues identified through pragmatic control definition taking cost and technical aspects into account. Help customers manage information security related incidents though liaison with Advanced teams and pragmatic advice. The focus on communication is a key aspect of this task along with expectation management. Provide Insight, Service and Transparency; Insight to drive decisions, empowering us to deliver continuous improvement and innovation to our customers, Service through listening to our customer's needs, owning our customers concerns and delivering robust solutions quickly, Transparency so our customers know exactly where their requests or incidents are in the process. What you will have Experience within a similar environment Profession Information Security Qualification (CISSP, CRISC, CISM) Knowledge of GDPR/DPA18, ISO 27001 and security testing Strong communication skills with an ability to set expectations with our customers What We Do For You Generous Annual Leave - 20-25 days, plus public holidays, with the possibility to buy additional days Summer Fridays! Every Friday afternoon off throughout July and August 2022 (or equivalent time in the week ) Life Insurance - 3-4x times annual salary Top Achievers Club - Our yearly VIP trip includes flights, transfers and accommodation to recognise excellence in our employees 65% Internal Mobility - Committed to the development & growth of our people All our benefits are subject to location Who We Are Advanced are one of the UK's largest and most successful software companies. Our products sit at the heart of some of the country's best-known businesses, powering their key services and functions. Driven by the millions of people who interact with our products every day in hospitals, schools, transport providers, sports clubs and a wide range of instantly recognisable brands. We've grown phenomenally quickly with a £275m turnover and 2,800 staff serving over 25,000 customers across the UK. As an employer, we do things differently. We hire differently. We promote at pace. We recognise excellence. Find out more at about-us
Description The IT Compliance Analyst II will have day-to-day responsibilities to fulfill and support the IT Compliance & Controls mission, including analysis of IT Control Framework assessments, analysis of IT Control gaps, assistance in remediation planning and tracking, analyzing legal or regulatory obligations (pending or enacted) for impact to existing baseline controls & test procedures, performing the IT compliance assurance function, evaluating the results of control owner self-assessments/control testing and recommend remediation steps, providing awareness of the IT control & risk frameworks, assisting in updating the IT Control Library & Control Plans to reflect the current CME operating environment & regulatory landscape. Incumbent will support IT compliance obligations as required, e.g. provide assistance in Global Assurance audits. The Incumbent will be responsible for: Learning and understanding the function and goals of the CME Group Technology Compliance Team Assessing the control implementation via defined test procedures and determining if controls are designed and operating as expected Analyzing and determining if existing controls are sufficient to meet new regulatory or legal obligations or if control enhancements are needed Deciding how authoritative source changes impact existing control plans & test procedures Helping to determine training/education needs (based on interaction with control plan owners) Helping assess the risk of controls not implemented Participating in application testing Performing audits of technology projects Recommending remediation actions. The Incumbent will follow common approaches for interacting with IT control owners while helping establish new approaches where precedent doesn’t exist in handling IT controls & associated risks. Given the current control environment, precedents will need to be established to determine how to properly respond, leaning on defined controls but helping to establish the compliance culture. In this role the Incumbent will be expected to: Recommend remediation actions for findings Decide on degree controls are operating based on independent assessment of test procedure results Recommend improvements in IT control & risk processes for potential automation. Decisions will generally be reviewed by IT Compliance Lead Analyst, IT Compliance Manager, and/or Sr. Director. This position, along with others being initiated, are critical for ensuring the implementation and operation of the IT compliance & risk management function while evolving the tools, processes and methodology established in the IT Control & Risk Framework initiative. The Incumbents ability to operate, enhance & assure IT controls will have a direct impact on reducing the overall IT and corporate risk. Competence Requirements: Demonstrated proven success in a role that emphasizes a thorough knowledge of technical aspects of the following areas: IT Risk Management, Information Security, Technical Privacy, and/or IT Audits Demonstrated knowledge of performing IT Risk & Security assessments across a broad range of technologies, leveraging thorough technical and operational knowledge of Information Security best practices and industry standards to define the security controls and processes. Demonstrated knowledge and/or exposure to the common issues facing the financial services market including privacy and regulatory concerns. Demonstrated abilities with the utilization of network and application security assessment tools and methodologies to manage and address security and control issues Demonstrated experience participating in key management discussions and meetings, preparing concise, accurate documents and balancing project deadlines with the occurrence of unanticipated issues Strong written and verbal communication and presentation skills, leadership, and ability to work with diverse teams Experience as a Staff/Senior level consultant, auditor, or Information Security analyst in a professional services firm or large enterprise, which includes: Interfacing with key stakeholders on control solutions Participating in the planning and execution of projects in the following areas: Information Security, Risk Management, Technical Compliance, IT Security Audit, Remediation, and / or IT Risk Management. Experience working with NIST, COBIT, CFTC, AICPA, ISO/IEC, PCI, FFIEC, etc. General proficiency as user of GRC & Audit tools Desired Experience: Proficiency in software development using Python, Java, R Language, JavaScript, Scala or similar Experience in developing automation within security tools Experience in developing solutions to mitigate security vulnerabilities Minimum Education/Experience Requirements: Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline Incumbents who can clearly demonstrate transferable work experience skills from a previous role will be considered Minimum Experience Requirements: Experience in general accounting and/or working as a Staff/Senior level IT analyst, IT auditor, or IT risk adviser for a financial institution, public accounting firm (Big 4 preferred), or a professional services firm, performing IT Controls, IT Risk Management, and/or IT Internal Audit including experience in Information Security. Preferred Certifications: CISA CPA CISSP CISM CRISC CGEIT CDPSE or other related certifications completed or pursuing CME Group: Where Futures Are Made CME Group () is the world's leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. With 2,500 employees located around the world, we're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more. For EU Residents, the Candidate Privacy Policy can be found here.
Nov 30, 2021
Full time
Description The IT Compliance Analyst II will have day-to-day responsibilities to fulfill and support the IT Compliance & Controls mission, including analysis of IT Control Framework assessments, analysis of IT Control gaps, assistance in remediation planning and tracking, analyzing legal or regulatory obligations (pending or enacted) for impact to existing baseline controls & test procedures, performing the IT compliance assurance function, evaluating the results of control owner self-assessments/control testing and recommend remediation steps, providing awareness of the IT control & risk frameworks, assisting in updating the IT Control Library & Control Plans to reflect the current CME operating environment & regulatory landscape. Incumbent will support IT compliance obligations as required, e.g. provide assistance in Global Assurance audits. The Incumbent will be responsible for: Learning and understanding the function and goals of the CME Group Technology Compliance Team Assessing the control implementation via defined test procedures and determining if controls are designed and operating as expected Analyzing and determining if existing controls are sufficient to meet new regulatory or legal obligations or if control enhancements are needed Deciding how authoritative source changes impact existing control plans & test procedures Helping to determine training/education needs (based on interaction with control plan owners) Helping assess the risk of controls not implemented Participating in application testing Performing audits of technology projects Recommending remediation actions. The Incumbent will follow common approaches for interacting with IT control owners while helping establish new approaches where precedent doesn’t exist in handling IT controls & associated risks. Given the current control environment, precedents will need to be established to determine how to properly respond, leaning on defined controls but helping to establish the compliance culture. In this role the Incumbent will be expected to: Recommend remediation actions for findings Decide on degree controls are operating based on independent assessment of test procedure results Recommend improvements in IT control & risk processes for potential automation. Decisions will generally be reviewed by IT Compliance Lead Analyst, IT Compliance Manager, and/or Sr. Director. This position, along with others being initiated, are critical for ensuring the implementation and operation of the IT compliance & risk management function while evolving the tools, processes and methodology established in the IT Control & Risk Framework initiative. The Incumbents ability to operate, enhance & assure IT controls will have a direct impact on reducing the overall IT and corporate risk. Competence Requirements: Demonstrated proven success in a role that emphasizes a thorough knowledge of technical aspects of the following areas: IT Risk Management, Information Security, Technical Privacy, and/or IT Audits Demonstrated knowledge of performing IT Risk & Security assessments across a broad range of technologies, leveraging thorough technical and operational knowledge of Information Security best practices and industry standards to define the security controls and processes. Demonstrated knowledge and/or exposure to the common issues facing the financial services market including privacy and regulatory concerns. Demonstrated abilities with the utilization of network and application security assessment tools and methodologies to manage and address security and control issues Demonstrated experience participating in key management discussions and meetings, preparing concise, accurate documents and balancing project deadlines with the occurrence of unanticipated issues Strong written and verbal communication and presentation skills, leadership, and ability to work with diverse teams Experience as a Staff/Senior level consultant, auditor, or Information Security analyst in a professional services firm or large enterprise, which includes: Interfacing with key stakeholders on control solutions Participating in the planning and execution of projects in the following areas: Information Security, Risk Management, Technical Compliance, IT Security Audit, Remediation, and / or IT Risk Management. Experience working with NIST, COBIT, CFTC, AICPA, ISO/IEC, PCI, FFIEC, etc. General proficiency as user of GRC & Audit tools Desired Experience: Proficiency in software development using Python, Java, R Language, JavaScript, Scala or similar Experience in developing automation within security tools Experience in developing solutions to mitigate security vulnerabilities Minimum Education/Experience Requirements: Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline Incumbents who can clearly demonstrate transferable work experience skills from a previous role will be considered Minimum Experience Requirements: Experience in general accounting and/or working as a Staff/Senior level IT analyst, IT auditor, or IT risk adviser for a financial institution, public accounting firm (Big 4 preferred), or a professional services firm, performing IT Controls, IT Risk Management, and/or IT Internal Audit including experience in Information Security. Preferred Certifications: CISA CPA CISSP CISM CRISC CGEIT CDPSE or other related certifications completed or pursuing CME Group: Where Futures Are Made CME Group () is the world's leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. With 2,500 employees located around the world, we're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more. For EU Residents, the Candidate Privacy Policy can be found here.
Location - Central London with some travel across London sites Permanent, full time (37.5 hours per week) Salary - £55,000 - £60,000 dependant on experience + Benefits (pension, health cover, flexible benefits and excellent career development) About the Role We have a fantastic new opportunity for a Senior Security Risk Analyst to join our dynamic and growing IT function in a newly created Risk function. As part of the role you will play a key part in building the department from the ground up to form a dynamic function. As Senior Security Risk Analyst you are responsible for performing a wide range of tasks that support the ongoing maturation of the facility's IT Security program, including; driving consistency and visibility of IT Security risk management activities; working with business owners to protect patients and prevent data loss; and rounding with division and facility leadership to reduce or eliminate risk. The Senior Security Risk Analyst will support facility workforce members appropriately comply with the company's IT Security requirements. This role requires extensive focus on building and expanding relationships with key stakeholders such as facility and division leadership; workforce members; physicians; division and facility IT teams; business owners; vendors; and other people and entities who support ISG objectives and activities within the facility. Skills & Experience: Extensive experience within IT risk management to include a combination of audit, risk management, information security, privacy, and information technology. Experience in developing and reviewing technical and process-based controls, managing risk assessments/investigations, and working with organization management to integrate controls into the scope of existing business practices. CISSP, CISA, HCISPP, CHC, CHPC, CHSP, CISM or other relevant certifications in information security or privacy Clinical, healthcare, or medical experience is highly desirable HCA Healthcare UK - The World's largest private healthcare group; providing award winning primary, acute and complex care. From complex care to straightforward procedures in both adults and children, HCA Healthcare UK provides exceptional care across our six world-class hospitals, clinics, outpatient and diagnostics centres, and NHS partnerships. HCA UK are incredibly proud to be awarded 'Private Hospital Group of the Year '2020 at the Health Investor Awards. HCA Healthcare UK's Information Technology Group (ITG) is a Group IT function, developing and managing all aspects of healthcare IT across our portfolio of hospitals, clinics, outpatient centers, laboratories and other associated businesses. #LI-JR1
Nov 30, 2021
Full time
Location - Central London with some travel across London sites Permanent, full time (37.5 hours per week) Salary - £55,000 - £60,000 dependant on experience + Benefits (pension, health cover, flexible benefits and excellent career development) About the Role We have a fantastic new opportunity for a Senior Security Risk Analyst to join our dynamic and growing IT function in a newly created Risk function. As part of the role you will play a key part in building the department from the ground up to form a dynamic function. As Senior Security Risk Analyst you are responsible for performing a wide range of tasks that support the ongoing maturation of the facility's IT Security program, including; driving consistency and visibility of IT Security risk management activities; working with business owners to protect patients and prevent data loss; and rounding with division and facility leadership to reduce or eliminate risk. The Senior Security Risk Analyst will support facility workforce members appropriately comply with the company's IT Security requirements. This role requires extensive focus on building and expanding relationships with key stakeholders such as facility and division leadership; workforce members; physicians; division and facility IT teams; business owners; vendors; and other people and entities who support ISG objectives and activities within the facility. Skills & Experience: Extensive experience within IT risk management to include a combination of audit, risk management, information security, privacy, and information technology. Experience in developing and reviewing technical and process-based controls, managing risk assessments/investigations, and working with organization management to integrate controls into the scope of existing business practices. CISSP, CISA, HCISPP, CHC, CHPC, CHSP, CISM or other relevant certifications in information security or privacy Clinical, healthcare, or medical experience is highly desirable HCA Healthcare UK - The World's largest private healthcare group; providing award winning primary, acute and complex care. From complex care to straightforward procedures in both adults and children, HCA Healthcare UK provides exceptional care across our six world-class hospitals, clinics, outpatient and diagnostics centres, and NHS partnerships. HCA UK are incredibly proud to be awarded 'Private Hospital Group of the Year '2020 at the Health Investor Awards. HCA Healthcare UK's Information Technology Group (ITG) is a Group IT function, developing and managing all aspects of healthcare IT across our portfolio of hospitals, clinics, outpatient centers, laboratories and other associated businesses. #LI-JR1
Location - Central London with some travel across London sites Permanent, full time (37.5 hours per week) Salary - Up to £45,000 dependant on experience + Benefits (pension, health cover, flexible benefits and excellent career development) About the Role We have a fantastic new opportunity for a Security Risk Analyst to join our growing IT function in a newly created Risk function. As part of the role you will work with the Senior Security Risk Analysts in building the department from the ground up to form a dynamic function. As Security Risk Analyst you are responsible for performing a wide range of tasks that support the ongoing maturation of the facility's IT Security program, including; driving consistency and visibility of IT Security risk management activities; working with business owners to protect patients and prevent data loss; and rounding with division and facility leadership to reduce or eliminate risk. The Senior Security Risk Analyst will support facility workforce members appropriately comply with the company's IT Security requirements. This role requires extensive focus on building and expanding relationships with key stakeholders such as facility and division leadership; workforce members; physicians; division and facility IT teams; business owners; vendors; and other people and entities who support ISG objectives and activities within the facility. Skills & Experience: Experience within IT risk management to include a combination of audit, risk management, information security, privacy, and information technology. Experience in developing and reviewing technical and process-based controls, managing risk assessments/investigations, and working with organization management to integrate controls into the scope of existing business practices. CISSP, CISA, HCISPP, CHC, CHPC, CHSP, CISM or other relevant certifications in information security or privacy Clinical, healthcare, or medical experience is highly desirable HCA Healthcare UK - The World's largest private healthcare group; providing award winning primary, acute and complex care. From complex care to straightforward procedures in both adults and children, HCA Healthcare UK provides exceptional care across our six world-class hospitals, clinics, outpatient and diagnostics centres, and NHS partnerships. HCA UK are incredibly proud to be awarded 'Private Hospital Group of the Year '2020 at the Health Investor Awards. HCA Healthcare UK's Information Technology Group (ITG) is a Group IT function, developing and managing all aspects of healthcare IT across our portfolio of hospitals, clinics, outpatient centers, laboratories and other associated businesses.
Nov 30, 2021
Full time
Location - Central London with some travel across London sites Permanent, full time (37.5 hours per week) Salary - Up to £45,000 dependant on experience + Benefits (pension, health cover, flexible benefits and excellent career development) About the Role We have a fantastic new opportunity for a Security Risk Analyst to join our growing IT function in a newly created Risk function. As part of the role you will work with the Senior Security Risk Analysts in building the department from the ground up to form a dynamic function. As Security Risk Analyst you are responsible for performing a wide range of tasks that support the ongoing maturation of the facility's IT Security program, including; driving consistency and visibility of IT Security risk management activities; working with business owners to protect patients and prevent data loss; and rounding with division and facility leadership to reduce or eliminate risk. The Senior Security Risk Analyst will support facility workforce members appropriately comply with the company's IT Security requirements. This role requires extensive focus on building and expanding relationships with key stakeholders such as facility and division leadership; workforce members; physicians; division and facility IT teams; business owners; vendors; and other people and entities who support ISG objectives and activities within the facility. Skills & Experience: Experience within IT risk management to include a combination of audit, risk management, information security, privacy, and information technology. Experience in developing and reviewing technical and process-based controls, managing risk assessments/investigations, and working with organization management to integrate controls into the scope of existing business practices. CISSP, CISA, HCISPP, CHC, CHPC, CHSP, CISM or other relevant certifications in information security or privacy Clinical, healthcare, or medical experience is highly desirable HCA Healthcare UK - The World's largest private healthcare group; providing award winning primary, acute and complex care. From complex care to straightforward procedures in both adults and children, HCA Healthcare UK provides exceptional care across our six world-class hospitals, clinics, outpatient and diagnostics centres, and NHS partnerships. HCA UK are incredibly proud to be awarded 'Private Hospital Group of the Year '2020 at the Health Investor Awards. HCA Healthcare UK's Information Technology Group (ITG) is a Group IT function, developing and managing all aspects of healthcare IT across our portfolio of hospitals, clinics, outpatient centers, laboratories and other associated businesses.
