Our leading Douglas-based Finance Sector Client is seeking a leading technology professional in the role of IT Infrastructure Analyst. As IT Infrastructure Analyst you will provide, support, maintain and optimise an on-premises and cloud-based IT infrastructure, with a focus on ensuring the stability, availability and security of the network, servers and systems that support business operations. The role blends technical expertise with problem-solving to maintain and improve the efficiency of the IT environment.

Responsibilities
- Ensure that critical infrastructure components (servers, networks, storage) are available and operational, minimising downtime
- Monitor systems to prevent outages and ensure business continuity
- Provide timely support for infrastructure-related issues, troubleshooting and resolving incidents efficiently
- Act as an escalation point for more complex issues and work closely with support teams and peers
- Perform routine maintenance, updates and patching to keep systems secure and up to date
- Optimise infrastructure performance, identifying areas for improvement to enhance efficiency and capacity
- Implement and manage security protocols, firewalls and threat detection systems to safeguard the infrastructure
- Ensure compliance with industry standards, regulations and internal policies related to data protection and cybersecurity
- Maintain and implement disaster recovery plans to minimise downtime and data loss in case of failures
- Ensure backup systems are properly configured and tested regularly for data protection and recovery
- Maintain detailed documentation of network configurations, system setups, infrastructure changes and technical procedures
- Ensure documentation is accessible and up to date for troubleshooting and auditing purposes
- Work closely with other IT teams (IT Services, Architecture, Engineering/Developers) to align infrastructure with broader IT strategy
- Through vendor management, liaise with vendors and service providers to help manage infrastructure-related services and support
- Anticipate and plan for future infrastructure needs based on business growth, user demand and new technology adoption
- Ensure the infrastructure can scale seamlessly to meet organisational requirements

The ideal candidate for the role of IT Infrastructure Analyst will hold:
- Appropriate technical qualifications, e.g. Microsoft certification, including MS Certified Azure Administrator, Cisco Certified Network Associate (CCNA), VMware Certified Professional (VCP), Microsoft Certified Windows Server
- Knowledge and experience of network protocols (DNS, VPN), network devices (routers, switches), network segmentation, and VPN configurations for remote access
- Skills in network troubleshooting and monitoring tools, e.g. SolarWinds
- Proficiency in managing and configuring Windows Servers and Linux-based systems
- Experience with Active Directory, DNS, DHCP, and domain administration
- Knowledge of server virtualisation platforms, such as VMware and Hyper-V, for managing virtual machines
- Ability to handle server backups, storage management (SAN/NAS), and recovery tasks
- Deep understanding of Windows and Linux operating systems for configuration
- Knowledge of OS patching, upgrades, and security hardening techniques
- Experience with at least one major cloud provider (AWS, Azure, Google Cloud)
- Knowledge of cloud services such as compute, storage, networking, security and managed services
- Skills in cloud infrastructure deployment, including virtual networks, VM instances, storage and monitoring
- Understanding of cloud security practices (IAM, VPCs, firewalls) and cost management
- Familiarity with IaC tools like Terraform, Ansible, or CloudFormation, and with automating infrastructure provisioning and configuration
- Basic scripting skills in languages like PowerShell, Bash, or Python for task automation
- Experience with vulnerability management tools like Nessus, Qualys, or OpenVAS
- Knowledge of endpoint security solutions (antivirus, anti-malware) and incident response procedures
- Familiarity with Security Information and Event Management (SIEM) tools, like Splunk or QRadar
- Ability to interpret metrics from network, server and application performance monitoring tools
- Knowledge of log management tools and techniques for monitoring infrastructure health
- Strong problem-solving skills for diagnosing hardware, network and software issues
- Knowledge of common troubleshooting frameworks and methodologies, such as ITIL
- Knowledge of virtual infrastructure management with VMware, Hyper-V, or similar platforms
- Experience with configuring and managing virtualised environments for optimised resource use
- Understanding of containerisation concepts and tools, primarily Docker
- Familiarity with orchestration platforms, especially Kubernetes, to support containerised applications
- Experience with backup and recovery software like Rubrik, Cloudian etc.
- Knowledge of backup strategies (e.g. incremental, differential, full backups) and data retention policies
- Skills in developing and testing disaster recovery plans to minimise downtime and ensure business continuity
- Experience with offsite backup solutions, replication and high-availability configurations
- Basic understanding of database management and administration for common databases like SQL Server, MySQL and Oracle
- Skills in database performance tuning, backup and recovery
- Knowledge of Storage Area Networks (SAN), Network Attached Storage (NAS) and RAID configurations
- Experience managing cloud storage options and ensuring data redundancy and scalability
- Proficiency in documenting infrastructure configurations, standard operating procedures (SOPs), and troubleshooting guides
- Experience using documentation tools like Confluence, Microsoft SharePoint, or similar collaboration platforms
- Skills in creating reports on system performance, resource utilisation, and incident trends for management
- Experience with data visualisation and reporting tools like Power BI or Tableau is a plus
Feb 11, 2025
Full time
Senior SOC Analyst
London/Hybrid/Up To £50K Pro Rata (DOE)/3-6 Months FTC

We are excited to partner with a financial client based in central London that prides itself on delivering complex projects in fast-paced organisations. They are looking to onboard an ambitious and goal-oriented Senior SOC Analyst to join their growing security team. The person will be accountable for delivery of SOC and SIEM services to existing customers and for helping to sell capabilities to potential customers.

KEY RESPONSIBILITIES:
- Manage, coach and lead the SOC 1st line analyst teams.
- Quickly assess incidents for their impact and severity.
- Establish procedures for containing threats and mitigating potential damage.
- Ensure that evidence is collected in a proper, organised manner.
- Implement the latest detection capabilities in Microsoft Sentinel.
- Prepare and maintain detailed incident reports and provide post-incident analysis to improve security measures.
- Work closely with team members, such as the service desk or projects team, to address security issues and implement solutions.
- Proactively search for signs of advanced threats and vulnerabilities within the network.

SKILL REQUIREMENTS:
- Strong understanding of cybersecurity principles, including knowledge of common threats and vulnerabilities.
- Capabilities which include Kubernetes, AWS, GCP, Windows Endpoints, Carbon Black and Elastic SIEM, and an understanding of PowerShell.
- Advanced understanding of cybersecurity principles, attack vectors, threat actors, and the threat landscape.
- Strong knowledge of the CIA triad.
- Skilled in triaging alerts, performing root cause analysis, and implementing remediation actions.
- Deep understanding of network protocols (e.g., TCP/IP, DNS, HTTP/HTTPS, SMTP) and their role in cybersecurity.
- Familiarity with network devices (e.g., routers, switches, firewalls) and concepts like VPNs and VLANs.
- Ownership of EDR (Endpoint Detection and Response) solutions, such as MS Defender for Endpoint, CrowdStrike, Carbon Black, or SentinelOne. Knowledge of IDS/IPS is a plus.
- Experience in managing incidents from identification through containment, eradication, recovery, and lessons learned.
- Familiarity with cybersecurity frameworks and regulations, such as: NIST Cybersecurity Framework (CSF); ISO/IEC 27001; GDPR, HIPAA, PCI DSS, or other compliance standards.

PREFERRED CERTIFICATIONS:
- Microsoft Azure Sentinel 200.
- Microsoft Azure Sentinel 400 to be obtained.
Feb 11, 2025
Contractor
You must be fully eligible to work in the UK and be able to travel into the Newcastle office to apply for this role.

The Company
Are you an IT professional eager to transition into the world of cyber security? This is your opportunity to join a fast-growing security consultancy. A new Security Operations Centre (SOC) is the hub of proactive detection, response, and digital forensics services for a diverse clientele.

The Role
As a SOC Analyst, you will be at the forefront of detecting and responding to cyber incidents, safeguarding organisations from advanced threats. This role is perfect for self-motivated individuals who excel in a fast-paced environment. You'll collaborate closely with clients to understand their needs and proactively hunt for potential threats.

What we are looking for
We are looking for someone with a natural curiosity to delve deep into events and alerts. Strong communication skills are essential, as you'll need to engage effectively with team members and clients. A solid foundation in technology and computing, demonstrated through certifications or experience, is crucial. Self-motivation is key, as you'll need to stay driven in an ever-evolving cyber threat landscape.

Required for this role:
- Experience within an IT Support role
- Exposure to cyber security tasks within an IT setting
- Strong communication skills
- A desire to forge a career in cyber security
- Any qualifications in cyber security are desired but not essential

Benefits:
- Comprehensive training from day one.
- Modern, city-centre office location.
- Flexible hybrid working policy.
- Supportive and collaborative team culture.
- Clear career progression paths.
- Exposure to both offensive and defensive security operations.
- Empowerment to make a real impact without being just another cog in the machine.

If you're ready to take the next step in your cyber security career, apply now and become a key player in our mission to defend our clients against cyber threats!
Jan 29, 2025
Full time
Cyber Security/CSOC Manager

Are you a skilled and flexible leader passionate about safeguarding organisations from cyber threats? We are seeking a Cyber Security/CSOC Manager to lead our cyber security operations centre (CSOC) and ensure the resilience of our systems, data, and networks against evolving cyber risks.

Key Responsibilities:
- Oversee the daily operations of the CSOC, ensuring the effective monitoring, detection, and response to security incidents.
- Develop and implement security policies, procedures, and best practices aligned with industry standards.
- Lead and mentor a team of security analysts, fostering professional growth and technical excellence.
- Collaborate with internal stakeholders to identify vulnerabilities and recommend risk mitigation strategies.
- Conduct regular threat assessments and incident response drills.
- Manage security tools and technologies, ensuring optimal performance and timely updates.
- Stay updated on the latest cyber threats, trends, and compliance requirements.

Qualifications and Skills:
- Proven experience in a cyber security role, with at least 5 years in a leadership capacity.
- Strong knowledge of cyber security frameworks, such as NIST, ISO 27001, or CIS Controls.
- Hands-on experience with SIEM tools, threat intelligence platforms, and incident response processes.
- Certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
- Excellent communication and problem-solving skills.
- Ability to work under pressure and manage multiple priorities effectively.

What We Offer:
Location: Midlands - Hybrid set-up with on-site presence required
Job Type: Full time, permanent
Salary: 65,000 to 85,000 per annum, reflective of experience

DCS Recruitment and all associated companies are committed to creating a working environment where diversity is celebrated and everyone is treated fairly, regardless of gender, gender identity, disability, ethnic origin, religion or belief, sexual orientation, marital or transgender status, age, or nationality.
Jan 29, 2025
Full time
Job Title: Senior Governance, Risk, and Compliance (GRC) Analyst
Location: London (Remote), once a month in office for meetings
Salary: 75,000 to 90,000 depending on experience
Employment Type: Full-Time

Function description:
Support the delivery of the Third-Party Risk / Vendor Management process, including managing assessments and tooling. Play a key role in supporting the Cyber Intelligence, Threat Detection, Crisis Preparedness and Response, Penetration Testing and Vulnerability Management efforts at the OSB. Support operational workflows by performing risk-based security reviews of operational systems, applications and third-party integrations. Engage with Technology colleagues and relevant partners to realise the full potential of the OSB's Security Operations capabilities. Leverage a mix of technologies (detection and prevention), processes and human capital to ensure emerging, new, and existing cyber security threats to the organisation are managed appropriately.

Role Description:
Responsibilities will include:
- Monitor external intelligence sources to research and evaluate emerging cyber security and technology developments, threats and vulnerabilities of relevance to the OSB, and determine how to manage them adequately and effectively.
- Plan for disaster recovery and create response and contingency plans in the event of security incidents.
- Test and evaluate security solutions and advise on how they can be leveraged to address security challenges.
- Coordinate penetration testing and 'ethical hacking' efforts for the OSB and ensure the delivery of actionable, contextualised reports.
- Perform security assessments of applications, systems, and networks to identify potential weaknesses and ensure adequate defence against exploits of applicable vulnerabilities.
- Monitor identity and access management, including monitoring for abuse of permissions by authorised system users.
- Generate customised reports for both technical and non-technical staff and stakeholders on new threats or vulnerabilities driven by analysis, incidents, and adversary engagement.
- Maintain an information security risk register and assist with internal and external audits relating to information security.
- Assist with the creation, maintenance and delivery of a cyber security awareness programme for colleagues and other stakeholders.
- Be an advocate of Information Security both within the Operations function and throughout the rest of the organisation.
- Provide advice and guidance to staff and other stakeholders on a wide range of security issues.
- Partner with the Technology team and the wider organisation to ensure that activities and projects are secure by design and implementation.

Skills, Competencies, Experience:
- Wide experience in a cyber security position / MSSP
- CRISC, CISM qualifications or equivalent preferred
- Strong technical background in security controls / operations, system and network security, and security frameworks such as SOC, NIST, ISO27002, CIS.
- Expert understanding of the elements of the cyber malware space; specifically, key threat actors and their motivations, attack types, routes of attack, services, and tools.
- Extensive experience of Threat Intelligence, Anomaly Detection and Response, Data Leakage Prevention, Intrusion Analysis and SIEM solutions.
- Experience working with, and enabling, organisations heavily invested / investing in cloud-based technologies.
- Previous relevant experience of working within an international and complex professional services, start-up or highly regulated industry would be an advantage.
- Strong analytical and problem-solving skills, with the ability to balance multiple priorities, meet deadlines, and adjust to changing priorities.
- Identify and drive opportunities to further enhance the security posture of the OSB.
- Experience of working in a Security Operations Centre or partnering with / working for a Managed Security Service Provider would be an advantage.
- A hands-on, forward thinker, with a flexible mindset and the ability to work in a fast-moving environment that embraces autonomy and is accountable for results.

If you are a forward-thinking cybersecurity professional ready to take on new challenges, we encourage you to apply. Join our client in their mission to enhance security and compliance in a dynamic environment.

Our client is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
Jan 29, 2025
Full time
Forter is looking for a Senior SOC Engineer to enhance our security operations and ensure robust protection against sophisticated threats. This role is crucial for maintaining our Security Operations as a high-performing and resilient hub that can quickly adapt to emerging security challenges in the fintech industry. You will take the lead in refining our SOC capabilities by monitoring network traffic, analyzing security incidents, managing security tools, automating processes, and providing expertise to SOC analysts, without having direct management responsibilities. The Senior SOC Engineer collaborates with cross-functional teams to build defenses, respond to incidents, and design strategies for a robust cybersecurity posture.

Why should you join us? At Forter, you'll play a critical role in defending against sophisticated threats in a high-stakes fintech environment. As a Senior SOC Engineer, you will:
- Shape the Future of Security: Lead initiatives to enhance our SOC capabilities, using cutting-edge technologies and automation tools to protect against advanced threats in real time.
- Make an Outsized Impact: Your work will directly influence Forter's ability to safeguard millions of transactions for major clients like Nordstrom, Priceline, and ASOS, enhancing customer trust and revenue growth.
- Work with a Talented Team: Collaborate with industry-leading experts in cloud security, fraud prevention, and data analytics. Forter is driven by a culture of excellence, continuous learning, and innovation.
- Access to Leading-Edge Tools: You will have the freedom to experiment with the latest SIEM, SOAR, EDR, and cloud-native security technologies, empowering you to stay at the forefront of cybersecurity practices.

This is more than just a job; it's an opportunity to grow your expertise in a dynamic, supportive environment while making a tangible impact on the digital commerce industry.

What you will be doing:
- Security Engineering & Automation: Oversee the deployment, configuration, and tuning of SOC-related security tools to enhance detection accuracy, reduce false positives, and manage end-to-end EDR operations. Drive improvements in SOC workflows, automating enrichment processes and developing playbooks for more efficient alert handling.
- Security Monitoring & Threat Detection: Continuously monitor security alerts, events, and IoCs across all platforms. You'll build and deploy queries and scripts, and create dashboards and workflows to enhance visibility and reporting.
- Proactive Threat Hunting: Develop and implement threat hunting procedures to proactively identify potential risks and vulnerabilities before they escalate.
- Cloud Security Monitoring: Analyze and manage AWS security logs through the SIEM, while also engaging directly with AWS security services and the team responsible for CSPM, for proactive defense and monitoring in the cloud environment.
- Incident Response: Enhance the IRP and coordinate with the SOC team and cross-functional teams during the incident response lifecycle, focusing on containment, eradication, recovery, and post-incident analysis.
- Vendor Coordination: Collaborate with third-party vendors as needed for managed security services and specialized tools.
- Mentorship: Mentor junior security team members, providing guidance on incident handling and security best practices.

What you'll need:
- Experience: Minimum of 5+ years in SOC or incident response roles, with hands-on experience in threat detection and mitigation.
- Technical Skills: Strong capability in threat detection, incident response, and analysis of complex attack patterns, with a focus on the AWS environment. Skilled in writing SIEM queries, alerts, and dashboards.
- End-to-End Investigations & Network Protocols: Extensive experience with end-to-end investigations and handling security incidents, deep knowledge of security network protocols, and familiarity with the OWASP Top 10 vulnerabilities.
- EDR Expertise: Hands-on experience managing EDR tools, including end-to-end operations from deployment and configuration to analysis and response.
- Scripting & Automation: Knowledge of scripting languages such as Python, SQL, or Bash to automate SOC workflows.
- Core Skills: Strong problem-solving, organizational, and analytical skills, with attention to detail and a security-first approach to translating complex issues into solutions. Excellent communication skills for effective collaboration and reporting. Continuous learning mindset with an eagerness to stay updated on cybersecurity trends.

It'd be cool if you also (NOT A MUST):
- Are familiar with industry frameworks (ISO 27001, PCI-DSS, SOC2, NIST, etc.) and regulatory requirements.
- Have one or more certifications: GCIH, GIAC, CSA, CompTIA CySA+, or other relevant certifications.

About us: Digital commerce is built on trust. At every point along the eCommerce journey, businesses must make a critical decision: Can I trust this customer? Answering this simple question accurately and instantly is powerful: it can accelerate revenue growth and strengthen a company's connection with its customers. How do we do it? Forter was founded on the insight that it's not about what is being purchased, nor where, but who is behind the interaction. The Forter Decision Engine finds patterns across more than one billion identities in our dataset. We isolate fraudsters and protect customers, ensuring everyone gets the experience they deserve. Given that trust is central to how we operate, Forter is very much driven by a defined set of values. We attract remarkable talent and have retention and engagement levels that are well above benchmarks. We're meticulous about strengthening our culture as we grow and ensuring this is an environment where people can have outsized impact.

Trust is backed by data: Forter is a recipient of over 10 workplace and innovation awards, including:
- Great Place to Work Certification (2021, 2022, 2023)
- Fintech Breakthrough Awards - Best Fraud Prevention Platform (2023)

Life as a Forterian: We are a team of over 500 Forterians spread across 3 different continents. Since 2013, we've raised $525 million from investors such as Tiger Global, Bessemer, Sequoia Capital, March Capital and Salesforce Ventures. We're on a mission to bring trust to global digital commerce so that companies like Nordstrom, Priceline, Instacart and ASOS can block fraud, drive revenue and improve customer experience. At Forter, we believe unique people create unique ideas, and valuable experience comes in many forms. So, even if your background doesn't match everything we have listed in the job description, we still encourage you to apply and tell us why your skills and values could be an asset to us. By welcoming different perspectives, we grow together as humans and as a company. Forter is an Equal Employment Opportunity employer that will consider all qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law. If you need assistance or an accommodation due to a disability, please email us at . This information will be treated as confidential and used only for the purpose of determining an appropriate accommodation for the interview process.
Jan 20, 2025
Full time
Global Technology Solutions Ltd
Milton Keynes, Buckinghamshire
SOC Engineer
Hybrid position, one day on site in Milton Keynes.
£40,000 - £50,000, Mon-Fri 9am to 6pm

The ideal candidate for this position will have previous experience as a Microsoft Engineer with a strong background in products such as Defender and Sentinel, ideally within a SOC environment. Your work will involve implementing technology and supporting our customers, working alongside other engineers, SOC Analysts and other members of the delivery team. This role has strong potential for career and training development as we deliver industry-leading solutions to our customers.

Main Duties/Responsibilities:
* Implementation and support of Microsoft Defender and Sentinel
* Designing and refining engineering standards and best practices
* Conduct periodic Microsoft health check assessments, audits, and architecture reviews
* Work alongside SOC Analysts to improve the detection of security incidents
* Research and implement new technologies that can be used within the SOC
* Deploy automation throughout the SOC to improve its overall operational effectiveness
* Assisting with the triage of incidents alongside others
* Draft reports and customer-facing documents to a high standard
* Stay up to date with the latest cyber vulnerabilities
* Assist with the development of more junior members of the team where required

Essential Skills & Experience:
* Any relevant Microsoft Certifications: AZ-104, SC-200, AZ-500
* Solid background as a Security Engineer/SOC Engineer
* Ability to lead and design automation/scripting in SIEM tools
* Experience with SIEM solutions such as Azure Sentinel, Splunk, McAfee, Rapid7, LogRhythm etc.
* Ability to design and document security processes
* Analysing cloud security risks and threats, performing cloud security audits and assessments, and recommending cloud security controls
* A strong analytical mindset with prior experience with KQL and PowerBI
* Excellent written and spoken English skills are vital for compiling high-quality reports and liaising with clients

In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information. Global Technology Solutions is acting as an Employment Agency in relation to this vacancy.
Jan 29, 2024
Full time
Location: Belfast, Cardiff, Darlington, Edinburgh, London

About the job

Summary: Join a team at the heart of the global economy! We create digital services, data tools and technology for businesses to prosper around the world. Our Digital, Data and Technology team develops and operates tools, services, and platforms that enable the UK government to provide world-leading support to businesses in the UK and overseas. You'll get to constantly push boundaries in an environment free of heavy legacy, driven by curiosity, social purpose, diversity of thought, entrepreneurship, and the aspiration to offer an incredible experience to all our users. Find out more on our blog, Digital Trade.

Job description: This role sits within the DIT Security Operations Centre (SOC), which is responsible for the identification and handling of security threats. You will be responsible for the monitoring aspects of the SOC's Target Operating Model (TOM) at a high level, acting as the final point of escalation for the resolution of incidents identified by SOC analysts. A key part of the role will be the identification and implementation of lessons learned from cyber security incidents as part of a continuous improvement cycle. Improvements to DIT's capability to detect and respond will be a priority. In the role you will be managing and mentoring junior SOC staff, and so this role is suitable for someone looking for a position of responsibility.

Responsibilities: In your day-to-day role, you will:
- Lead the implementation of the DIT monitoring policy and management of the SOC TOM, providing expert advice to junior SOC staff.
- Review existing and new data sources being ingested into the SIEM and propose and implement use cases for detection and analysis.
- Produce thorough documentation on complex incidents, focussing on the improvements that can be made to processes, playbooks, and tooling.
- Manage incident response exercises and the scoping, design and governance of red-teaming and threat-hunting activity, in collaboration with the Threat Hunter and in line with DIT's policies.
- Communicate the significance of the results of investigations and risk mitigation outcomes and engage with a broad range of senior stakeholders.
- Be responsible for defining the vision, principles, and strategy for incident response.

Essential Skills and Experience: You should be able to demonstrate essential skills and experience of:
- Significant experience of working at tier 2 or tier 3 in a SOC with management/mentoring responsibilities.
- Demonstrable experience with KQL or a similar query language.
- Solid knowledge of various information security frameworks, for example MITRE.
- Demonstrable experience in cyber security incident management.
- Effective verbal and written communication skills.
- Demonstrable knowledge and experience of intrusion detection and analysis.

Desirable Skills and Experience: While not essential, it would be ideal if you have demonstrable skills and experience of:
- SIEM and security software, especially Microsoft.
- Professional information security certification, CISSP or similar.
- Experience of working in a multi-cloud environment.
- Knowledge or experience of forensics.

Benefits:
- Learning and development tailored to your role
- An environment with flexible working options
- A culture encouraging inclusion and diversity
- A Civil Service pension with an average employer contribution of 27%

Things you need to know

Security: Successful candidates must pass a disclosure and barring security check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check. See our vetting charter. People working with government assets must complete basic personnel security standard checks.

Selection process details: We are closely monitoring the situation regarding the coronavirus, and will be following central Government advice as it is issued. There is therefore a risk that recruitment to this post may be subject to change at short notice. In addition, where appropriate, you may be invited to attend a video interview. Please continue to follow the application process as normal and ensure that you check your emails regularly, as all updates from us will be sent to you this way.

Assessment and Interview: As part of the application process you will be asked to upload a CV which outlines your experience, skills and fit for the role. At the sift stage for this role, Inspire People will assess you against the essential criteria listed above to compile a long list of applications. If you are progressed through to this stage, you will be asked to complete a short, pre-recorded video interview with Inspire People or provide written answers to questions. These applications will then be sifted by DIT hiring managers. Initial sifting will take place the week commencing 26th September, with CV submissions to DIT on the 30th September. Interviews will take place the week commencing 10th October. Please note that these dates are indicative and may be subject to change. At the interview stage for this role, we will assess your technical/specialist experience, outlined in the above role description, testing your ability through relevant assessments/presentations and asking you questions around Behaviours and Technical skills, which are part of the Civil Service Success Profiles.

The technical element within the interview, where you will be asked a series of questions to demonstrate your specific professional skills and knowledge related directly to the job role and context, will assess against these Technical Skills:
- Intrusion detection and analysis
- Threat intelligence and assessment
- Incident management, investigation, and response
- Information risk assessment and risk management
- Applied security capability
- Query language expertise

You will also be assessed against the Behaviours of:
- Developing Self and Others
- Changing and Improving
- Delivering at Pace

Offer Stage: Appointments may be made to candidates in merit order based on location preferences. The salary we will offer is determined using interview performance. Scores at interview translate to proficiency levels and an associated salary. Once a successful candidate has a proficiency level and is part of the capability framework, they will be given opportunities to self-assess to progress through the pay scale within their grade during their time at DIT. For further explanation of proficiency levels and more information about DDaT, click here.

The Department for International Trade embraces and values diversity in all forms. We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. Candidates who pass the bar at interview but are not the highest scoring will be held on a 12-month reserve list for future appointments. Candidates who are judged to be a near miss at interview may be offered a post at the grade below the one advertised. If successful and transferring from another Government Department, a criminal record check may be carried out.

Harmonised terms and conditions are attached. Please take time to read the document to determine how these may affect you. Please note the successful candidate will be expected to remain in post for a minimum of 18 months before being released for another role. Any move to the Department for International Trade from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at
New entrants are expected to join on the minimum of the pay band.

Reasonable adjustment: If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes. If you need a change to be made so that you can make your application, you should contact the DDaT Recruitment team before the closing date to discuss your needs. Our recruitment process is underpinned by the principle of appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commissioners' Recruitment Principles. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DIT by email: .....
Sep 09, 2022
Full time
We welcome and pride ourselves on the positive impact diversity has on the work we do, and we promote equality of opportunity throughout the organisation. Harmonised terms and conditions are attached. Please take time to read the document to determine how these may affect you. Please note the successful candidate will be expected to remain in post for a minimum of 18 months before being released for another role. Any move to the Department for International Trade from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at New entrants are expected to join on the minimum of the pay band. Reasonable adjustment If a person with disabilities is put at a substantial disadvantage compared to a non-disabled person, we have a duty to make reasonable changes to our processes. If you need a change to be made so that you can make your application, you should contact the DDaT Recruitment team before the closing date to discuss your needs. Our recruitment process is underpinned by the principle of appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commissioners Recruitment Principles. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DIT by email: ..... click apply for full job details
Technical Consultant

About Us
Everything we do creates a safer future. Our people have a shared vision to protect the connected world, to create and deliver intelligent global solutions across an ever-changing financial crime landscape. We are obsessed about solving problems for our customers; we bring together great minds who face tough challenges on a daily basis, and are encouraged to make a difference. Together, we make the world a safer place. Make every day matter.

About The Team
Technical Consultants provide critical solution and domain knowledge to Financial Services clients. This is often associated with, but not restricted to, the implementation and operation of the NetReveal solution. The successful candidate will work in the Professional Services team as a Technical Consultant with our clients in the Financial Services sector. They will be an independent-thinking problem solver able to consult on, design and implement a range of solutions across our Financial Services product line.

About The Role
This role offers a unique opportunity to gain experience in industry-leading Financial Services solutions and to work with our flagship suite of compliance and counter-fraud products called NetReveal. These products are rapidly gaining market dominance in the detection and prevention of financial crime and fraud. You will have the opportunity to work on NetReveal product implementation and integrate enterprise solutions with blue-chip clients. This role can be based out of London, Guildford or Dublin.

What You Will Be Doing
- Develop Compliance and Fraud Detection models
- Work collaboratively with members of our clients' teams installing software releases on their environments and assist in testing and troubleshooting issues on the client's environments
- Create hosted environments for our SaaS clients
- Provide consultancy and best practice guidance on how to operate and maintain the solutions on client environments
- Design and build automated scripts for operation of hosted solutions
- Adhere to and enhance software development approaches and methodologies
- Analyse and develop data processing software for large-scale and real-time processing
- Participate in the preparation for and delivery of workshops with clients' risk, compliance and fraud teams, investigators and data teams
- Deliver high quality work to meet client expectations and project deadlines
- Respond to and resolve project issues
- Mentor and support graduates and junior team members

Key Skills:
- SQL experience, either Oracle or Postgres preferred
- Exposure to and experience working in a Unix environment
- Experience in software management and version control, e.g. SVN

Desirable skills:
- Application server experience, e.g. WebSphere, JBoss, Tomcat, WildFly
- Python scripting
- Experience in cloud technologies, e.g. AWS, Azure
- Shell scripting

Life at BAE Systems Applied Intelligence
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing.

Diversity and inclusion are integral to the success of BAE Systems Applied Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential.

About BAE Systems Applied Intelligence
We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.

Division overview: Financial Services
At BAE Systems Applied Intelligence, we pride ourselves in being a leader in the cyber defence industry, and the financial sector is one of the biggest targets for cyber-attacks. Our Financial Services business unit is responsible for all of our clients in the financial sector and handles all areas of these relationships. AI's Financial Services Division helps banks, insurers and other major financial institutions to combat fraud, unauthorised trading and money laundering, and meet their regulatory compliance obligations. As a member of the Financial Services business unit, you will be responsible for providing critical services to clients in the financial sector and ensuring that we remain a leading name in cyber security. We all have a role to play in defending our clients, and this is yours.
Sep 01, 2022
Full time
Background
PwC is a market-leading provider of cyber security services to major organisations worldwide. Our global team of over 4,850 cybersecurity professionals includes specialised consultants, former law enforcement officials, forensic investigators, intelligence analysts, data scientists, legal professionals and industry leaders in cybersecurity and privacy. We are rated as a leader by multiple industry analysts for Global, EMEA and Asia-Pacific Cybersecurity Consulting services. Our multi-disciplined Cyber Incident Response (CIR) practice is central to this. Our team supports PwC's clients in crisis to prepare for, respond to and recover from cyber attacks, as well as reduce the risk of attacks by using the insights we have gained from being at the front lines of investigating these attacks.

Now is an exciting time to join the team and help shape and execute ambitious plans over the next 5 years. A key part of this will be increasing our capacity to help our clients prepare for and reduce the risk of attacks. This includes working with our clients' security operations teams to improve their ability to detect and respond to attacks, and with their IT teams to implement targeted technical improvements that increase "cost to the attacker". Our Cyber Incident Response practice works closely alongside many of our other front-line technical teams, including our global threat intelligence team, our Managed Cyber Defence threat hunting team and our ethical hacking practice. We also work with PwC's dedicated crisis coordination team to provide support to clients at all levels of their organisations.

Experience
We want team members with a strong technical understanding of how organisations can prevent, detect, assess and respond to cybersecurity threats and incidents, as well as how to build best-in-class incident response and security operations capabilities. We also want team members who will be passionate about developing and improving our technical consulting offerings using the insights gained from being at the front lines of investigating these cyber attacks. You should have a proven ability to lead teams and projects to deliver improvements to security operations and incident response functions, across people, process and technology. You will have an in-depth understanding of the processes, techniques and tools used by security operations and incident response teams. We are also looking for team members with high levels of communication skills, as well as consulting and project management experience. You will also be able to easily flex between work with technical client stakeholders, such as SOC analysts, and senior stakeholders such as a Head of SOC, Head of Cyber Security or CIO.

You will ideally have experience such as:
- Developing cyber incident response plans, playbooks and processes that allow security operations teams to rapidly and effectively respond to incidents;
- Collaborating with incident response teams to plan and deliver targeted remediation activities after cyber security incidents;
- Designing prevention, detection and response strategies for organisations based on threat actor tools, techniques and procedures;
- Building effective security operations capabilities and using purple team engagements to tune and validate detection tooling;
- Working collaboratively with IT teams to remediate vulnerabilities identified through red team engagements, penetration testing and vulnerability scanning;
- Planning and coordination of large-scale security incident response, remediation and recovery efforts involving multiple parties and teams;
- Acting as the subject matter expert or technical team lead for organisations in cyber crisis and data breach situations, and providing technical response strategy and execution support to enable them to successfully resolve, remediate, and recover from cyber security incidents.

A robust understanding of:
- The typical techniques used by attackers, ranging from criminal to state-affiliated groups;
- Preventing and detecting common attacker techniques and the MITRE ATT&CK framework;
- Tuning and configuring cyber security tools, for example SIEM and EDR tooling;
- How enterprise IT networks, Active Directory and Azure AD operate.

Responsibilities
We are looking for passionate, motivated and experienced individuals that can lead our work helping clients prepare for and reduce the risk of attacks. As this role would be part of our multidisciplinary Cyber Incident Response practice, it would also include assisting the wider team to help clients respond to cyber security incidents and to manage our portfolio of cyber incident response retainers.

Lead client engagements across our incident response services portfolio to help clients prepare for and reduce the risk of attacks, acting as the key point of contact for senior client stakeholders, setting direction for the project teams, and being accountable for the technical excellence of our delivery. Examples include:
- Assessing organisations' ability to detect and respond to cyber attacks;
- Understanding organisations' vulnerability to specific cyber security threats;
- Delivering remediation projects for clients who have had cyber security incidents, and assisting in planning cyber transformations;
- Testing and improving cyber incident response plans, runbooks and processes;
- Designing and implementing improvements to our clients' detection tooling;
- Using purple teaming to tune and validate detection capabilities; and
- Implementing targeted improvements to increase cost to the attacker.

You will also:
- Contribute to capability development, proposition development and thought leadership initiatives;
- Provide mentoring and oversight to the incident response practice to help the team grow and develop;
- Collaborate and build relationships with PwC's wider Cyber Security practice, sharing insights gained from responding to incidents and helping other teams win and deliver work;
- Originate, cultivate and maintain relationships with existing and new clients, and support outreach and business development efforts in collaboration with other teams;
- Develop, enhance or refine the portfolio of incident response services in line with market trends, emerging threats, or opportunities for innovation or market disruption;
- Support the execution of our business strategy and growing PwC's reputation in the cyber security market, for example by taking on responsibility for relationships with third parties such as technology alliance partners; and
- Play a key role in PwC's global incident response community to support knowledge sharing, practice development and to pursue opportunities in collaboration with global colleagues.

Risk
We're a leading provider of trust in the digital world - in the eyes of our people, our clients and our stakeholders. Today's business environment is different. More complex. More connected. Companies not only face new and unknown risks, but also new and untapped opportunities. Our team is at the forefront of this change; join us to be a part of transforming how risk is perceived and capitalised on.

Not the role for you?
Did you know PwC offer flexible contract arrangements as well as contingent work (i.e. temporary or day rate contracting)?

The skills we look for in future employees
All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, 'The PwC Professional', and are made up of five core attributes: whole leadership, technical capabilities, business acumen, global acumen and relationships.

The Deal
We want all of our people to feel empowered to be the best that they can be, which is why we have 'The Deal'. Find out more about our firmwide Employee Value Proposition.

Diversity
Valuing Difference. Driving Inclusion. We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool because creating value through diversity is what makes us strong as a business, enabling us to solve important problems and deliver value to our clients. We encourage an inclusive culture where people can be themselves, are valued for their strengths and are empowered to be the best they can be. As an organisation with an increasingly agile workforce, we also support different ways of working, offering flexible working arrangements. Learn more here about our work to support an inclusive culture.
Dec 08, 2021
Full time
We are nuclear professionals in everything we do
The Sellafield site is one of the biggest construction sites in Europe and we are a world leader in the nuclear industry. We're responsible for some of the largest engineering projects in the UK. The Sellafield site is one of the biggest construction sites in the UK. Our challenges are almost always industry firsts. Hazard reduction is incredibly demanding technically, calling for vision, imagination and expertise. The complexity of each project is unmatched anywhere else in the nuclear sector. Our relentless pursuit of excellence is reflected in our health, safety, security, resilience and environmental performance standards.

To support this we have a vacancy for a Digital Forensics & Incident Response Supervisor based within our Security & Resilience department.

On a day to day basis the role involves:
• Manage and develop a shift team of CSOC Analysts in relation to protective monitoring, incident response, and threat hunting to ensure the delivery of a mature and highly skilled CSOC.
• Lead, co-ordinate and provide technical assurance & escalation for daily investigations performed within the CSOC to ensure high standards of working across the team and provide the in-depth technical knowledge required to deliver protective monitoring and incident response across the Corporate and OT information systems.
• Develop and enact Digital Forensics capabilities within the CSOC relating to escalated investigations, threat hunting and incident response to deliver cyber threat detection and forensically sound evidence, in accordance with government and ONR guidelines.
• Lead in the development and tuning of Cyber Operations tooling and its application to the business, aligning with the cyber exploitation / Cyber Kill Chain / MITRE ATT&CK matrix, to increase the capabilities and efficiency of incident response and ensure new threats and vulnerabilities are managed and mitigated.
• Develop and perform the activities defined in the Cyber Security Incident Response Plan / Forensics Readiness Plan, ensuring operational elements are achieved in accordance with site emergency arrangements.
• Oversee technical implementation and commissioning of Cyber Security tooling solutions to agreed requirements.
• Provide advice and guidance to internal and external stakeholders in relation to Digital Forensics, Incident Response and Cyber Security in general to ensure threats are identified, with measures understood to reduce impact and consequence.
• Assess, suggest or take remedial action on Cyber Security Incidents within defined policies and standards.
• Review, document and apply good practice against all Cyber Security incidents for damage arising from compromise of company sensitive and Government protectively marked information across Sellafield.
• Review Cyber Security tools, processes and procedures and assist in testing the robustness of current and developing systems.
• Deputise for the CSOC Manager when required.

To thrive in the role you will need:
• Degree qualified or 2 years minimum experience in Cyber Security or Information Assurance.
• Knowledge of Digital Forensics.
• Capable of obtaining GIAC certification in the IT Security/Digital Forensics field.
• Knowledge of Business Continuity.
• Strong understanding of network protocols.
• Line management / leadership experience.
• Ability to achieve DV clearance + NPPV.

You may also have:
• GCIA (Certified Intrusion Analyst).
• GCFE (Certified Forensic Examiner).
• GCFA (Certified Forensic Analyst).
• GNFA (Network Forensic Analyst).
• GPEN (Penetration Tester).
• CMI First Line Management qualification.
• APM / Prince2 Project Management.
• IOSH Managing Safely.
• Control Systems experience.
• Malware analysis experience.
• Vulnerability analysis experience.
Pay & Benefits
Salary: £38,801
Closing Date: 29/11/21
Location: Sellafield, West Cumbria

In promoting equal opportunities, Sellafield Ltd welcomes applications from all sections of the community. We select people according to their abilities and our needs. You are advised to regularly check your emails (including any junk mail/spam folders) for correspondence related to this post, including assessment or interview invitations and any other type of correspondence relating to your application. In the event of a high number of responses to any advert, Sellafield Ltd reserves the right to close the advert early. As users of the Disability Confident Scheme, we guarantee to interview all disabled applicants who meet the minimum essential skills for the vacancy. You will be able to declare a disability when completing our application form.
Dec 01, 2021
Full time