Sorry, that job is no longer available. Here are some results that may be similar to the job you were looking for.

41 jobs found

Current Search
vulnerability data analyst
TXP
Information Security Engineer - Cyber Security
TXP City, Birmingham
Information Security Engineer Full time Permanent 50,000 - 55,000 Per Annum, Plus Benefits Package Location: Central Birmingham, West Midlands (Hybrid Working - 2 days per week onsite) Our leading services client in Birmingham is seeking a highly skilled Information Security Engineer/Analyst on a full time basis, to help strengthen their Cyber Security posture and safeguard their systems and data. Reporting directly to the Head of IT this is a hands-on technical role focused on securing enterprise applications, infrastructure, and sensitive data. You'll be instrumental in implementing and maintaining robust security measures, conducting assessments, and responding to incidents. Collaboration across departments will be key to embedding security best practices throughout the organisation. Key Duties & Responsibilities: Evaluate application architecture, source code, and third-party integrations for security risks Support secure software development lifecycle (SDLC) processes and promote secure coding standards Identify and remediate vulnerabilities using industry-standard tools Administer and configure security technologies (e.g., firewalls, SIEM, IDS/IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root cause analysis and maintain incident response protocols Recommend enhancements to improve overall security posture Deliver security awareness training and ensure compliance with policies Produce monthly security reports and maintain documentation Required Skills & Experience: Recent and significant experience in cyber security or information security roles Familiarity with frameworks such as MITRE ATT&CK, NIST, ISO 27001, Cyber Essentials+ Hands-on experience with tools like Nessus, Qualys, SIEM, EDR, DLP, VPNs, and firewalls Strong understanding of network protocols (TCP/IP, DNS, HTTP, SSH) and segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in log analysis, threat detection, and incident handling Excellent communication and stakeholder engagement abilities Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous Benefits: 4% Pension Life Insurance 3 x salary 25 days annual leave plus statutory - 1 x extra day every year for the first 3 years Blue Light Card Medicash - includes discounted gym memberships etc. If your profile demonstrates strong and recent experience in the above areas - please submit your application ASAP to Jackie Dean at TXP for consideration. TXP takes great pride in representing socially responsible clients who not only prioritise diversity and inclusion but also actively combat social inequality. Together, we have the power to make a profound impact on fostering a more equitable and inclusive society. By working with us, you become part of a movement dedicated to promoting a diverse and inclusive workforce.
Nov 05, 2025
Full time
First Choice Recruitment Services
It Security Analyst
First Choice Recruitment Services Bromsgrove, Worcestershire
IT Security Analyst Bromsgrove Permanent Salary c£35k This is an exciting opportunity for an IT Security Analyst to join our client's experienced and collaborative IT team. The company is growing and therefore they offer excellent opportunities to progress. The role will focus on supporting and implementing new ways of working to protect the company from a range of cyber and security threats. Candidates will need 2/3 years experience of working as a Security Analyst, including monitoring vulnerability and threats, risk mitigation and implementation of robust security policies. This role is to be based at the Bromsgrove office but regular travel to Tewkesbury as required. Hybrid working an option after initial 6 months. Security Check (SC) will be required therefore the role is only open to British Nationals. Key Responsibilities Monitor and analyse security events and alerts. Perform initial triage, investigation, and classification of potential security incidents alongside the Cyber Security Consultant. Monitor security alerts from various sources and respond promptly, escalating as necessary. Generate reports on key metrics, processes, and the performance of different workflows. Escalate incidents to the appropriate teams based on severity and impact. Maintain, tune, and create alerts, playbooks, graphs, and other documentation following industry and international standards under the guidance of the Cyber Security Consultant. Respond to cybersecurity incidents by adhering to standard operating procedures (SOPs) and playbooks, under the supervision of the Cyber Security Consultant. Conduct root cause analysis and document findings and lessons learned from security incidents with the Cyber Security Consultant. Work with IT and security teams to contain and resolve threats. Keep incident logs, reports, and tickets updated within incident tracking systems. Assist in threat intelligence gathering and analysis to enhance detection capabilities. 
Participate in vulnerability management activities. Update and oversee the software inventory. Support compliance reporting and audits. Assist in IT service desk activities. Stay updated with emerging cyber threats, attack techniques, and security trends. Perform any additional duties delegated by the IT Manager to ensure efficient management of the Company. Key skills: Candidates will need recent work history of working in a similar role. Degree Educated would be an advantage A strong understanding of firewalls, intrusion detection systems and other security technologies is essential. Familiar with ethical hacking and penetration testing an advantage. The ability to analyse complex data and identify potential security threats is essential Excellent communication skills required to communicate with both technical and nontechnical stakeholders, explaining security issues and policies clearly To apply please forward your up to date CV and or call us for more information. First Choice Recruitment are a privately owned independent Recruitment service provider, we act as an employment agency for permanent recruitment and as an employment business for temporary recruitment. Our service is a free and confidential service to work seekers
Nov 04, 2025
Full time
Morgan Law
Security Analyst
Morgan Law
Role Overview We are working with a Charity who are seeking a proactive and detail-oriented Cyber Security Analyst to support the ongoing protection of their digital assets, systems, and data. This home-based role will be instrumental in monitoring threats, identifying risk, assessing vulnerabilities, and improving their security posture across the organisation. You'll work closely with the IT Security Manager, wider IT team, and third-party partners to ensure security best practices are maintained across their cloud and on-premise environments. Key Responsibilities Conduct threat and vulnerability assessments and recommend remediation steps Support the investigation of security incidents and policy violations Assist with risk assessments and security audits Implement and maintain security standards, and guidelines Work with third-party vendors and partners on pen testing and remediation activities Support awareness campaigns to improve cybersecurity hygiene among staff Assist in the development and implementation of disaster recovery and business continuity plans. Produce reports and metrics for senior IT and governance stakeholders Stay updated with the latest threats, trends, and compliance requirements (e.g., GDPR, PCI DSS, Cyber Essentials) Person Specification Essential: Demonstrable experience in a related role Excellent problem-solving, analytical, and communication skills An appetite for keeping up to date with the latest developments in technology, business practices, and the wider threat environment Ability to work independently and remotely with minimal supervision Understanding of current threats, attack vectors, and security frameworks Familiarity with Microsoft 365 security tools (Defender, Purview, Entra, etc.) 
Working knowledge of network protocols, email security, and IT architectures Right to work in the UK Desirable: Industry certifications (e.g., CompTIA Security+, SSCP) Experience in the charity or non-profit sector Familiarity with Microsoft Azure cloud platforms and identity management Experience with compliance frameworks (PCI DSS, Cyber Essentials) Experience with auditing and compliance Experience of BCP/DR
Nov 04, 2025
Full time
CPS Group (UK) Limited
Security Analyst
CPS Group (UK) Limited City, Cardiff
Security Analyst Cardiff-based office (Hybrid - Very Flexible) Up to 42,000 + Excellent Benefits CPS Group are delighted to be supporting our financial services client in their search for a Security Analyst to join their growing, forward-thinking Security team on a permanent basis. This is an exciting opportunity to play a key role in safeguarding digital infrastructure, enhancing security controls, and ensuring the resilience of systems, networks, and data across both cloud and on-prem environments. If you're passionate about cyber security, thrive in dynamic environments, and want your work to have a tangible impact, this is a fantastic time to join a business that truly values its people, invests in technology, and encourages professional growth. If you have a passion for cyber security, then this is the The Role: Monitor systems, networks, and user activity to detect suspicious behaviour or policy violations Investigate and manage security incidents, carrying out root cause analysis and reporting Deploy, configure, and maintain key security platforms used by the analyst team Conduct vulnerability assessments and coordinate remediation activities Support patch management and compliance reporting Perform regular reviews and health checks on security controls Create and enhance measures to demonstrate the effectiveness of security controls Assist with internal and external security assessments and audits Update and maintain incident response plans, playbooks, and procedures Provide 3rd-line support to IT colleagues and the wider business Technical Skills: SIEM and SOAR platforms Log analytics, rule creation, tuning, and threat hunting Familiarity with security frameworks Azure and M365 security configuration and alert investigation Dashboards and visualisation tools Firewalls (CheckPoint, VMware NSX) Windows Server and Desktop environments XDR solutions - tuning and alert investigation Experience: Ideally, you'll bring around 5+ years' experience in a similar 
role, such as: IT Security Analyst SOC Analyst Digital Forensics Specialist Senior Network Administrator / Network Engineer Relevant qualifications in IT Security, Cyber Security etc. A proactive, curious, and detail-oriented approach to problem-solving Excellent communication skills, both written and verbal, with the ability to simplify technical issues Confidence working with large data sets and security analytics tools A genuine passion for cyber security and continuous learning If interested, please apply today or contact Sam John at CPS Group for more information: (url removed) By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found here (url removed)
Nov 03, 2025
Full time
Security Analyst - Systems Integrator
Hamilton Barnes Associates Limited
Ready to safeguard critical systems and data from evolving threats? Join a global leader in consulting, technology, and digital transformation with a proven track record of helping organisations modernise and secure their operations. Known for its innovative approach and industry expertise, the organisation supports clients in strengthening resilience, protecting assets, and enabling trusted digital experiences. The team is hiring a Security Analyst to monitor, investigate, and respond to security incidents while ensuring compliance with standards and policies. The role will focus on proactive threat detection, vulnerability management, and supporting security operations across diverse environments. Defend the future of digital transformation. Apply now! Responsibilities: Conduct reactive monitoring of client networks to deliver a layered, agile cyber defence capability across all security domains. Manage and triage alerts, conduct impact assessments, and develop mitigating strategies to be briefed up the chain of command. Improve, review, and ensure compliance with all existing cyber security policies, procedures, and orders. Research and maintain knowledge of current cyber issues, vulnerabilities, and exploits, producing technical reports and briefs to share insights. Skills/Must have: Eligible for SC Clearance (ideally holding). Knowledge and experience with SIEM toolsets and security management tools. Desirable certifications such as CompTIA Security+, CySA+, AWS, Microsoft, SANS, or CISSP. Knowledge of data networks. Benefits: Opportunity to gain exposure to industry-leading SIEM and cyber defence tools. Career development through training and security certifications. Work within a collaborative team focused on critical national security. Salary: Up to £45,000 per annum
Nov 01, 2025
Full time
L2 SOC Analyst - Systems Integrator
Hamilton Barnes Associates Limited
Overview Ready to detect, respond, and contain threats before they escalate? Join a cybersecurity solutions provider recognised for delivering advanced identity, threat detection, and SOC services. With a reputation for innovation and trusted partnerships, the organisation continues to help enterprises defend against evolving cyber risks. The team is hiring an L2 SOC Analyst to monitor, investigate, and respond to security incidents. The role will focus on analysing alerts, performing in-depth investigations, escalating complex threats, and supporting continuous improvements in SOC processes and tools. Be the frontline defender where speed meets precision. Apply now! Responsibilities Investigate escalated security incidents and determine root causes. Conduct in-depth analysis of incidents using threat intelligence (IOCs, TTPs) alongside host, network, and identity data sets. Leverage SIEM platforms (Crowdstrike SIEM, Splunk, Microsoft Defender) to develop and implement new use cases. Tune and reduce false alerts. Lead investigations through resolution. Monitor and analyze events across multiple operating systems (Windows, macOS, Linux). Conduct proactive threat hunts across diverse data sources (host, vulnerability, threat, network, Active Directory). Collaborate with stakeholders to coordinate timely incident response efforts. Design and implement incident response plans, including alert definitions, escalation workflows, and runbooks. Produce clear and comprehensive incident documentation tailored to both technical and management audiences. Perform forensic investigations as needed. Partner with vendors to implement new SOC use cases. Requirements 5+ years of recent experience as a Tier 2 or 3 SOC Analyst in a large organization (government or critical infrastructure experience preferred). Strong expertise with SIEM tools, including Crowdstrike, Splunk, and Microsoft Defender. Proven track record designing and implementing SOC use cases and response runbooks. 
Demonstrated ability to conduct advanced correlation analysis across diverse security data sources. Experience leading complex investigations and collaborating with cross-functional teams. Strong experience setting up alert rules and managing alert workflows. Excellent documentation skills for technical and executive-level reporting. Proactive, curious, and analytical problem solver. Strong qualitative and quantitative analysis abilities. Adaptive and resilient in fast-paced, dynamic environments. Excellent communication and stakeholder engagement skills. Salary: €350 per day
Oct 31, 2025
Full time
Graduate Security Operations Centre Analyst
Proact IT (UK) Ltd
At Proact, we're a pan-European data management specialist with a focus on unlocking the power of data through strategy, storage, connectivity, and security. But that's only part of our story. We're also here to break the mould. To stake new ground. To do things differently. And we've created a fast-paced, people-first working environment with a focus on innovation, learning and career development that encourages you to do just that. Here, you can bring your whole self to work as you'll be part of a truly diverse organisation, working with both local and national customers. You can act with integrity, act with commitment, and act with excellence in mind. And you can embrace change, seek out new challenges, and learn by doing. All as part of a team with a shared sense of direction. One that's enabling innovation, accelerating growth, and disrupting entire industries. This is what it means to . What you'll do As a SOC Analyst you will be trained in all aspects of SIEM, using your studies, and possibly any work experience you may have, as a good foundation of knowledge to build upon. This is an entry level position and does not require any prior experience in Security Analysis. The role includes, but is not limited to: Producing Security Analysis for Proact, and customers Looking for anomalies and patterns in events Analysing vulnerabilities in Proact's and customers' systems Monitoring for anomalies which could be IoC (Indicators of Compromise) Alerting customers and relevant internal decision makers of suspicious events Liaising with customers Checking for corresponding authentication failures etc. 
Growing your technical expertise in: Network protocols including TCP/IP fundamentals Operating systems (Windows and Linux) Hosting platforms, enterprise systems and infrastructure Virtual environments Security products such as anti-virus, IDS, IPS, SIEM, APT detection, VA systems Vulnerability management (network scanning, ethical hacking, penetration testing) Malware, virus, botnet, MITRE ATT&CK framework techniques, etc. Security standards, including ISO-27001, PCI/DSS, NHS Digital Framework, HMG SPF To in this role you'll need To have graduated in a relevant degree, such as Cyber Security or Information Security with a minimum grade of 2:2 To be able to obtain HMG SC clearance To be interested in further developing your Cyber Security knowledge and completing relevant training as required Excellent communication skills The ability to document and explain technical details clearly and concisely to both technical peers and senior (non-technical) business management Solid attention to detail The ability to think "outside the box" and identify opportunities to improve current processes To be flexible - shift patterns may change to meet the role and department requirements, which can include: 12h shifts based on a 'four on, four off' shift pattern. You are entitled to a one hour meal break and two fifteen minute comfort breaks during each of your shifts. You will work for four days between the hours of 7am and 7pm followed by four days off, followed by four nights between the hours of 7pm and 7am, again followed by four days off. The pattern then repeats. You will be required to work on weekends and public holidays where they fall on working days within your shift pattern Benefits: A diverse and inclusive culture We'll encourage you to be yourself, and your best self, every day at work. Exciting and non-standard career pathways: Our flat structure offers all the support you need to learn, develop, grow and progress. 
Opportunities to collaborate: You'll have the chance to engage with leading tech partners and build your own industry network. A commitment to your wellbeing: We offer private comprehensive health care cover and a range of health and wellbeing benefits to help you stay well, both in and out of work. Generous financial rewards: We'll reward you financially with a great salary, an industry leading commission plan, and a good pension. Brilliant lifestyle benefits: You'll get more out of life with everything from generous holiday entitlement and additional purchase scheme to paid charity day
Oct 31, 2025
Full time
Vulnerability Architect
Turnkey Consulting Malaysia Sdn Bhd
About Us Turnkey Consulting is an independent risk and security consultancy that brings together people, protection, and performance to help organisations achieve Digital Enterprise Resilience. For more than 20 years, Turnkey has enabled the world's leading companies to understand and optimise their risk and security landscape through assessment-based road mapping, organisational empowerment, and expert application of market-leading technologies. Turnkey is headquartered in London with offices across Asia, Australia, Europe, and North America. Role Overview We are seeking an experienced individual with a strong foundation in SAP Vulnerability Management and Threat Detection systems, including associated controls, proficiency in SAP environments, and awareness of Cybersecurity frameworks. Responsibilities Design, implement, and assess vulnerability management frameworks, primarily within SAP-enabled environments. Lead client conversations on SAP Vulnerability and Threat Management strategy, compliance challenges, and controls optimisation. Provide insight on Information Security frameworks (OWASP/NIST/NIS2 etc.) and the Secure Operations Map, helping communicate regulatory or good practice obligations and actionable solutions. Manage and mentor junior consultants and analysts to aid a high-performance team culture. Support business development activities, including scoping, proposal development, and client pitches throughout the sales lifecycle. Build long-term relationships with clients as a trusted advisor in controls and compliance. Required Core Behaviours Ability to focus on the "why" of our solutions, not just the how. Demonstrable experience in prioritising the client's objectives Passionate about improving the perception of the industry towards a more business growth enabling function. Demonstrable ability to build productive relationships with both internal and external stakeholders in a hybrid working environment. 
Required Skills & Experience Strong experience designing and executing detection and protective controls, ideally within SAP ERP systems. Experience in one of Onapsis, Security Bridge, SAP ETD, Pathlock CAC. Strong experience of implementing vulnerability management controls (implementation and testing). Knowledge of relevant industry frameworks and vendor solutions aligned to provide such control solutions. Demonstrated ability to lead engagements and communicate effectively with senior stakeholders. Proven track record in team management and mentoring. Familiarity with the consulting sales lifecycle, including opportunity identification and bid support. Excellent analytical, presentation, and organisational skills. Preferred Qualifications Professional certifications such as CREST or equivalent. Experience in risk advisory or Big Four consultancy environment. Exposure to emerging technologies in risk and controls, such as automation, data analytics, AI etc. Reports to: RSC Director Salary: Competitive salary depending on a combination of factors, including level of experience and expertise, in addition to an OTE bonus. Location: Based in our London office, with hybrid working (expected office working 2-3 days per week). Occasional travel to our offices in other countries will be expected as part of this role if there is a requirement to do so. Benefits include: Pension: on joining, employees will be automatically enrolled in our workplace pension scheme Holiday Entitlement: employees receive 25 days per holiday year plus all statutory bank and public holidays in England and Wales Private Medical Insurance: employees will be enrolled onto the company BUPA healthcare scheme Insurances: Life Insurance and Critical Illness cover are provided to all employees Carbon Offset: Employees will be enrolled on the company's carbon offset scheme, which is committed to offsetting at least 50% of all employees' personal carbon emissions. 
All Turnkey employees are entitled to £40 worth of carbon credits each year, which can offset 7 tonnes of carbon. Options are available to increase carbon credit amounts, which would be treated as a benefit in kind.
Oct 30, 2025
Full time
Unily
Application Security Manager
Unily Guildford, Surrey
Unily partners with the world's largest and most complex enterprises to power Organizational Velocity through digital Employee Experience transformation. Iconic brands, including Estée Lauder Companies, CVS Health, and British Airways, use Unily's market-leading Employee Experience platform to improve productivity, streamline communication, and foster a highly connected workplace. Unily is the only triple leader recognized by all three of the major analysts. Unily is recognized as a Leader in the 2024 Gartner Magic Quadrant for Intranet Packaged Solutions, the 2024 Forrester Wave: Intranet Platforms, and the IDC MarketScape: Worldwide Experience-Centric Intelligent Digital Workspaces 2024. With these accolades, we continue to grow and expand our employee community with people who are passionate about joining us on this exciting journey. Job Purpose As we continue to expand our market share in the rapidly emerging Employee Experience platform category, we are looking for an Application Security Manager. This role is responsible for building and executing a comprehensive application security programme that combines strategic oversight with hands-on technical execution. The Application Security Manager ensures that security is embedded throughout the software development lifecycle (SDLC), enabling Unily to deliver secure products at speed. The Application Security Manager will define and enforce secure development policies and practices, establish privacy by design principles, and manage the risk and escalation process. They will actively engage in technical assurance activities such as threat modelling, application testing, dependency analysis, cloud and container security assessments and CI/CD pipeline hardening. The role will act as both a strategic partner to leadership and a trusted advisor to engineering teams, being a customer-facing point of contact when required. 
Main Responsibilities Define and maintain secure development policies and privacy by design requirements Own the risk acceptance and escalation process, maintaining the risk register Develop and measure the application security strategy leveraging frameworks such as OWASP SAMM Support RFPs and sales responses on application security matters Lead and coordinate external penetration testing engagements and remediation follow up Drive risk-based prioritisation, assigning and validating CVSS scores Deliver and manage secure development training programs Conduct and facilitate threat modelling and architecture and design security reviews Perform or coordinate application security testing Generate and manage software bills of materials (SBOMs) to manage supply chain risks Ensure build verification and oversee IaC and container/Kubernetes scanning within pipelines Provide guidance on secure cloud-native architectures Evaluate and apply security testing tools and techniques (e.g. Burp Suite, fuzzing, IaC scanners, Static Analysers) Contribute to security metrics, reports and dashboards Collaborate with engineering, operations and product teams to embed security best practices throughout the whole SDLC Requirements Proven experience in application security Strong knowledge of secure software development practices, DevSecOps and CI/CD security integration Hands-on experience with application security testing tools and techniques (e.g. 
SAST, DAST, Dependency checkers, IaC scanners, secret detection, container security tools) Understanding of threat modelling, architecture and design reviews and offensive security principles Familiarity with compliance and regulatory frameworks Experience with risk acceptance processes, CVSS scoring and vulnerability management Experience managing external penetration testing vendors Familiarity with SBOMs and software supply chain security Strong background in cloud and container security Ability to communicate with technical and non-technical stakeholders Knowledge of data privacy regulations and GDPR, and how they intersect with application security Certifications such as CISSP, CSSLP, OSWE, OSCP or equivalents Degree in computer science, cyber security, related fields or equivalent experience We are united by a shared purpose and are committed to truly understanding each other. We know that everyone is unique and has their own story. We strive to have a diverse workforce that embraces and celebrates one another. We are united in building connections and curious to learn from each other so that we continue to grow together to build the workplace of tomorrow. Why Work For Unily? In addition to a generous base salary and discretionary company bonus, here are some things we think you will love: Our awesome team culture. We are focused on achieving results as a team and having fun while we do it. You won't find a friendlier or more dedicated bunch of people. Our industry leading product. We are very proud of our ever-evolving product, naturally we use (and love) it internally and provide the tools and resources for you (and our clients) to become a Unily expert. The flexibility that we offer. We don't just mean working from home occasionally. We operate on a hybrid basis, and also recognize that life happens during the 9-5.30 and encourage a sustainable work/life balance. Our bright and modern office spaces. 
When you need to be in the office we want it to be like being at home. We have a well-stocked kitchen and the option to bring your dog to work. We offer a fantastic suite of benefits. Including 25 days holiday plus an extra paid day off to enjoy your birthday, Vitality life cover (for health, sight, hearing and dental), Aviva pension (via a salary sacrifice scheme), life assurance, income protection and so many more. Our commitment to sustainability and giving back to the community. We know working for an organisation that takes its environmental & social impact seriously is important, and we are proud to offer 1 fully paid volunteering day per year, an employee matching charity donation scheme and options to lease an Electric Vehicle through our salary sacrifice scheme. View Unily's UK & EEA Careers Privacy Notice here View Unily's USA Careers Privacy Notice here
Oct 30, 2025
Full time
Unily
Application Security Manager
Unily
Unily partners with the world's largest and most complex enterprises to power Organizational Velocity through digital Employee Experience transformation. Iconic brands, including Estée Lauder Companies, CVS Health, and British Airways, use Unily's market-leading Employee Experience platform to improve productivity, streamline communication, and foster a highly connected workplace. Unily is the only triple leader recognized by all three of the major analysts. Unily is recognized as a Leader in the 2024 GartnerMagic Quadrantfor Intranet Packaged Solutions, the 2024 Forrester Wave: Intranet Platforms, and the IDC MarketScape: Worldwide Experience-Centric Intelligent Digital Workspaces 2024. With these accolades, we continue to grow and expand our employee community with people who are passionate about joining us on this exciting journey. Job Purpose As we continue to expand our market share in the rapidly emerging Employee Experience platform category, we are looking for an Application Security Manager. This role is responsible for building and executing a comprehensive application security programme that combines strategic oversight with hands-on technical execution. The Application Security Manager ensures that security is embedded throughout the software development lifecycle (SDLC), enabling Unily to deliver secure products at speed. The Application Security Manager will define and enforce secure development policies and practices, establish privacy by design principles, and mange the risk and escalation process. They will actively engage in technical assurance activities such as threat modelling, application testing, dependency analysis, cloud and container security assessments and CI/CD pipeline hardening. The role will act as both a strategic partner to leadership and a trusted advisor to engineering teams, being a customer facing point of contact when required. 
Main Responsibilities Define and maintain secure development policies and privacy by design requirements Own the risk acceptance and escalation process, maintaining the risk register Develop and measure the application security strategy levering frameworks such as OWASP SAMM Support RFPs and sales responses on application security matters Lead and coordinate external penetration testing engagements and remediation follow up Drive risk-based prioritisation, assigning and validating CVSS scores Deliver and manager secure development training programs Conduct and facilitate threat modelling and architecture and design security reviews Perform or coordinate application security testing Generate and manage software bills of materials (SBOMs) to manage supply chain risks Ensure build verification and oversee IaC and container/Kubernetes scanning within pipelines Provide guidance on secure cloud-native architectures Evaluate and apply security testing tools and techniques (e.g. Burpsuite, fuzzing, IaC scanners, Static Analysers) Contribute to security metrics, reports and dashboards Collaborate with engineering, operations and product teams to embed security best practices throughout the whole SDLC Requirements Proven experience in application security Strong knowledge of secure software development practices, DevSecOps and CI/CD security integration Hands on experience with application security testing tools and techniques (e.g. 
SAST, DAST, Dependency checkers, IaC scanners, secret detection, container security tools) Understanding of threat modelling, architecture and design reviews and offensive security principles Familiarity with compliance and regulatory frameworks Experience with risk acceptance processes, CVSS scoring and vulnerability management Experience managing external penetration testing vendors Familiarity with SBOMs and software supply chain security Strong background in cloud and container security Ability to communicate with technical and non-technical stakeholders Knowledge of data privacy regulations and GDPR, and how they intersect with application security Certifications such as CISSP, CSSLP, OSWE, OSCP or equivalents Degree in computer science, cyber security, related fields or equivalent experience We are united by a shared purpose and are committed to truly understanding each other. We know that everyone is unique and has their own story. We strive to have a diverse workforce that embraces and celebrates one another. We are united in building connections and curious to learn from each other so that we continue to grow together to build the workplace of tomorrow. Why Work For Unily? In addition to a generous base salary and discretionary company bonus, here are some things we think you will love: Our awesome team culture. We are focused on achieving results as a team and having fun while we do it. You won't find a friendlier or more dedicated bunch of people. Our industry leading product. We are very proud of our ever-evolving product, naturally we use (and love) it internally and provide the tools and resources for you (and our clients) to become a Unily expert. The flexibility that we offer. We don't just mean working from home occasionally. We operate on a hybrid basis, and also recognize that life happens during the 9-5.30 and encourage a sustainable work/life balance. Our bright and modern office spaces. 
When you need to be in the office we want it to be like being at home. We have a well-stocked kitchen and the option to bring your dog to work. We offer a fantastic suite of benefits. Including 25 days holiday plus an extra paid day off to enjoy your birthday, Vitality life cover (for health, sight, hearing and dental), Aviva pension (via a salary sacrifice scheme), life assurance, income protection and so many more. Our commitment to sustainability and giving back to the community. We know working for an organisation that takes its environmental & social impact seriously is important, and we are proud to offer 1 fully paid volunteering day per year, an employee matching charity donation scheme and options to lease an Electric Vehicle through our salary sacrifice scheme. View Unily's UK & EEA Careers Privacy Notice here View Unily's USA Careers Privacy Notice here
Oct 29, 2025
Full time
Tank Recruitment
Cyber Security Analyst
Cyber Security Analyst Hybrid: (infrequent travel) Reports to: Head of Cyber Security My client, an industry leader in their field, is seeking a talented Cyber Security Analyst to join their dynamic technology team. This is a unique opportunity to contribute to an organisation that is making a significant impact on sustainability. Key Responsibilities Identify and remediate security vulnerabilities in collaboration with internal stakeholders. Support compliance, audit, and assurance initiatives to ensure adherence to regulatory and industry standards. Provide input into the strategic direction of the organization's security practices. Monitor and respond to escalated security incidents. Participate in incident response activities, including out-of-hours support when necessary. Create, update, and enforce cybersecurity policies and procedures. Oversee user access management for systems and data. Deliver security training to employees using available tools and resources. Technical Competencies Essential Skills: Understanding of network security principles. Understanding of SIEM solutions. Familiarity with vulnerability management processes. Proficient in technical documentation. Knowledge of Microsoft tools (e.g., Defender, Exchange, Intune). Able to operate at 2nd line level. Desirable Skills: Experience in threat analysis and incident response. Hands-on experience with EDR solutions. Background in SOC operations or similar functions. Expertise in vulnerability management. Behavioural Competencies Analytical mindset with a keen attention to detail. Passionate about cybersecurity and staying informed of new developments. Able to remain composed and make sound decisions under pressure. Collaborative and effective team player. Proactive in learning about emerging security risks and solutions. Qualifications & Experience Recognised industry certifications or equivalent experience (e.g. GIAC, CompTIA, OSCP). 
At least 2 years of professional experience in cybersecurity roles. Additional Information The position offers an exciting challenge within a fast-paced environment where your expertise will make a meaningful impact. If you are looking for a rewarding role in cybersecurity, please reach out to discuss this opportunity further.
Mar 18, 2025
Full time
Hays Technology
Security Automation and Detection Engineer
Hays Technology Cambridge, Cambridgeshire
A multinational semiconductor and software design company is seeking a Security Automation & Detection Engineer for a 6-month contract to start ASAP, based in Cambridge (Hybrid), Inside IR35. Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to leverage automation opportunities and ensure successful integrations. Lead technical migration of log sources into Microsoft Sentinel SIEM. Required Skills and Experience: Demonstrated ability in cybersecurity, with at least 3 years in a technical role in security operations and/or security software development. Solid understanding of security operations, automation standard processes, detection engineering and SIEM management. 
Experience with cloud security tools and platforms (e.g. Azure, AWS, Google Cloud) and their integration into SOC operations. Vendor-specific certifications for Security orchestration, automation, and response (SOAR) platforms (e.g., Sentinel SOAR, Splunk SOAR, Palo Alto Cortex XSOAR). Experience contributing to large-scale, sprint-based, security automation and detection engineering projects. Desirable Skills and Experience: Ability to develop and implement long-term automation strategies aligned with security operation objectives. Ability to translate technical concepts into clear, actionable insights for technical and non-technical partners. Meticulous focus on ensuring accuracy, reliability, and security in automation workflows. Consistent record of implementing automation and integration solutions in a SOC or similar environment. Hays Talent Solutions is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Mar 08, 2025
Contractor
Bakkavor Group
BASIS and Security & Access Analyst
Bakkavor Group Low Fulney, Lincolnshire
BASIS and Security & Access Analyst Proud to deliver high quality products and develop a high-quality career Salary - £50,000 - £55,000 Benefits - Life Assurance (1 x salary), 25 days holiday plus 8 bank holidays as standard (may vary by role), Private medical insurance (after 5 years' service) Location - Spalding Hybrid Working 8:30am to 5:00pm - Monday to Friday (37.5 hours per week) Contract Type - Permanent Why join us? We're constantly evolving, progressing and diversifying. And we want our people to do so too. For everyone to feel empowered, engaged and enabled. To create opportunities to move forward, climb higher and push for more. About the role We are seeking a highly skilled and experienced BASIS and Security & Access Analyst to join our dynamic IT support team (S4/HANA). In this role, you will be responsible for the administration, configuration, and optimization of the SAP S/4HANA environment, ensuring seamless operation, system stability, security, and compliance with access control policies. The ideal candidate will have expertise in SAP BASIS, SAP Security, and user access management, along with a deep understanding of the latest SAP S/4HANA technologies. Main Duties System Monitoring and Performance Tuning: Monitor and optimize the performance of SAP S/4HANA environments, including system resources, memory, and database performance. Proactively resolve system issues and bottlenecks. System Maintenance: Perform regular SAP S/4HANA system upgrades, patches, and transports. Ensure that all maintenance activities are completed in line with best practices. Landscape Management: Manage the SAP landscape, including multiple instances (e.g., development, testing, production) and ensure smooth integration between the SAP system, database, and other enterprise applications. Backup and Disaster Recovery: Implement and maintain SAP S/4HANA backup strategies and disaster recovery procedures to ensure data integrity and minimal downtime. 
User Access Control: Implement, monitor, and maintain user roles, profiles, and authorizations to ensure proper access to SAP S/4HANA modules and sensitive data. Security Configuration: Configure and maintain SAP security settings, including user authentication, Single Sign-On (SSO), and password policies. Manage integration with Active Directory (AD) or other identity management solutions. Segregation of Duties (SoD): Identify and mitigate potential Segregation of Duties (SoD) violations by reviewing and adjusting user roles, ensuring compliance with internal controls and audit requirements. Audit and Compliance: Conduct regular security audits to identify vulnerabilities or compliance issues and implement corrective actions. Maintain audit trails of user access and activities within the SAP environment. Security Patches and Vulnerability Management: Stay up to date with SAP security patches and vulnerabilities. Apply necessary patches and security updates to the SAP landscape to safeguard against threats. Transport Management: Oversee the transport process for moving changes between SAP environments. Ensure that all transports are properly tested and validated before being deployed to production. Change Management: Work with the Change Management team to manage changes to the SAP environment. Ensure that changes are documented, approved, and implemented following the organization's change control processes. System Issue Resolution: Act as a key point of contact for troubleshooting and resolving system issues related to BASIS or security and access, collaborating with SAP Functional, Development, and Basis teams as needed. User Support: Provide technical support for SAP users, resolving issues related to access, system performance, and security configurations. Documentation: Create and maintain comprehensive documentation for system configurations, access control policies, security settings, and incident resolution processes. 
Reporting: Generate reports on system performance, security incidents, user access audits, and compliance metrics as requested by management or external auditors. Process Improvement: Continuously monitor and identify opportunities for improving system performance, security posture, and access management processes. Training and Knowledge Sharing: Share knowledge and provide training on SAP BASIS and security practices to other team members and end-users as needed. About you Significant hands-on experience in SAP BASIS administration, with experience specifically in SAP S/4HANA environments. Solid experience in SAP Security, including user roles, profiles, and access control. Knowledge of SAP S/4HANA database and its administration. Familiarity with transport management and SAP change control processes. Experience with segregation of duties (SoD) and SAP security audits. SAP S/4HANA Administration and Configuration. Knowledge of SAP Cloud Platform and cloud-based SAP solutions is desirable. Experience with automation tools for BASIS or security management (e.g., SAP scripting, batch jobs). Experience in process optimization and driving business value through system improvements. Excellent verbal and written communication skills, with the ability to communicate technical information to non-technical users. Ability to work collaboratively in a team environment and manage relationships with internal stakeholders. Strong analytical and problem-solving skills with the ability to identify issues and propose practical solutions in a timely manner. SAP certification in relevant modules (e.g., SAP S/4HANA or ECC certifications). Experience in managing interfaces between SAP and third-party systems. What you'll receive. As an equal opportunity employer, we're committed to providing a safe and rewarding environment for you to thrive in. This is why we work hard to deliver benefits, rewards and wellbeing offerings that are important to you. 
You'll enjoy: Life Assurance (1 x salary) 25 days holiday plus 8 bank holidays as standard (may vary by role) Private medical insurance (after 5 years' service) Staff Shop Stakeholder Pension Scheme Discount & cashback platform Personal Accident Insurance Free health check Employee Assistance Programme A range of voluntary benefits (holiday purchase scheme, additional life assurance, dental & hospital cash plans) Salary sacrifice car lease scheme Free independent mortgage advice Discounted tutoring for children Access to financial learning tools and affordable loans via your salary Free car parking - Site dependent Plus, a commitment to your wellbeing that includes emotional, physical and financial support services delivered by our fantastic team of wellbeing champions. Proud to be Bakkavor We're proud to be the market leader in the UK fresh prepared food industry. We're proud to supply meals, salads, desserts, pizza and bread to leading grocery retailers including Tesco, M&S, Sainsbury's and Waitrose. We're driven by the hard work and passion of our people and are delighted to offer a wide range of careers across our business - come and join our dedicated Bakkavor team! Find out more and apply.
Mar 08, 2025
Full time
BASIS and Security & Access Analyst Proud to deliver high quality products and develop a high-quality career Salary - £50,000 - £55,000 Benefits - Life Assurance (1 x salary), 25 days holiday plus 8 bank holidays as standard (may vary by role), Private medical insurance (after 5 years' service) Location - Spalding Hybrid Working 8:30am to 5:00pm - Monday to Friday (37.5 hours per week) Contract Type - Permanent Why join us? We're constantly evolving, progressing and diversifying. And we want our people to do so too. For everyone to feel empowered, engaged and enabled. To create opportunities to move forward, climb higher and push for more. About the role We are seeking a highly skilled and experienced BASIS and Security & Access Analyst to join our dynamic IT support team (S4/HANA). In this role, you will be responsible for the administration, configuration, and optimization of the SAP S/4HANA environment, ensuring seamless operation, system stability, security, and compliance with access control policies. The ideal candidate will have expertise in SAP BASIS, SAP Security, and user access management, along with a deep understanding of the latest SAP S/4HANA technologies. Main Duties System Monitoring and Performance Tuning: Monitor and optimize the performance of SAP S/4HANA environments, including system resources, memory, and database performance. Proactively resolve system issues and bottlenecks. System Maintenance: Perform regular SAP S/4HANA system upgrades, patches, and transports. Ensure that all maintenance activities are completed in line with best practices. Landscape Management: Manage the SAP landscape, including multiple instances (e.g., development, testing, production) and ensure smooth integration between the SAP system, database, and other enterprise applications. Backup and Disaster Recovery: Implement and maintain SAP S/4HANA backup strategies and disaster recovery procedures to ensure data integrity and minimal downtime. 
User Access Control: Implement, monitor, and maintain user roles, profiles, and authorizations to ensure proper access to SAP S/4HANA modules and sensitive data. Security Configuration: Configure and maintain SAP security settings, including user authentication, Single Sign-On (SSO), and password policies. Manage integration with Active Directory (AD) or other identity management solutions. Segregation of Duties (SoD): Identify and mitigate potential Segregation of Duties (SoD) violations by reviewing and adjusting user roles, ensuring compliance with internal controls and audit requirements. Audit and Compliance: Conduct regular security audits to identify vulnerabilities or compliance issues and implement corrective actions. Maintain audit trails of user access and activities within the SAP environment. Security Patches and Vulnerability Management: Stay up to date with SAP security patches and vulnerabilities. Apply necessary patches and security updates to the SAP landscape to safeguard against threats. Transport Management: Oversee the transport process for moving changes between SAP environments. Ensure that all transports are properly tested and validated before being deployed to production. Change Management: Work with the Change Management team to manage changes to the SAP environment. Ensure that changes are documented, approved, and implemented following the organization's change control processes. System Issue Resolution: Act as a key point of contact for troubleshooting and resolving system issues related to BASIS or security and access, collaborating with SAP Functional, Development, and Basis teams as needed. User Support: Provide technical support for SAP users, resolving issues related to access, system performance, and security configurations. Documentation: Create and maintain comprehensive documentation for system configurations, access control policies, security settings, and incident resolution processes. 
Reporting: Generate reports on system performance, security incidents, user access audits, and compliance metrics as requested by management or external auditors. Process Improvement: Continuously monitor and identify opportunities for improving system performance, security posture, and access management processes. Training and Knowledge Sharing: Share knowledge and provide training on SAP BASIS and security practices to other team members and end-users as needed. About you Significant hands-on experience in SAP BASIS administration, with experience specifically in SAP S/4HANA environments. Solid experience in SAP Security, including user roles, profiles, and access control. Knowledge of SAP S/4HANA database and its administration. Familiarity with transport management and SAP change control processes. Experience with segregation of duties (SoD) and SAP security audits. SAP S/4HANA Administration and Configuration. Knowledge of SAP Cloud Platform and cloud-based SAP solutions is desirable. Experience with automation tools for BASIS or security management (e.g., SAP scripting, batch jobs). Experience in process optimization and driving business value through system improvements. Excellent verbal and written communication skills, with the ability to communicate technical information to non-technical users. Ability to work collaboratively in a team environment and manage relationships with internal stakeholders. Strong analytical and problem-solving skills with the ability to identify issues and propose practical solutions in a timely manner. SAP certification in relevant modules (e.g., SAP S/4HANA or ECC certifications). Experience in managing interfaces between SAP and third-party systems. What you'll receive. As an equal opportunity employer, we're committed to providing a safe and rewarding environment for you to thrive in. This is why we work hard to deliver benefits, rewards and wellbeing offerings that are important to you. 
You'll enjoy:
• Life Assurance (1 x salary)
• 25 days holiday plus 8 bank holidays as standard (may vary by role)
• Private medical insurance (after 5 years' service)
• Staff Shop
• Stakeholder Pension Scheme
• Discount & cashback platform
• Personal Accident Insurance
• Free health check
• Employee Assistance Programme
• A range of voluntary benefits (holiday purchase scheme, additional life assurance, dental & hospital cash plans)
• Salary sacrifice car lease scheme
• Free independent mortgage advice
• Discounted tutoring for children
• Access to financial learning tools and affordable loans via your salary
• Free car parking - Site dependent
Plus, a commitment to your wellbeing that includes emotional, physical and financial support services delivered by our fantastic team of wellbeing champions.
Proud to be Bakkavor
We're proud to be the market leader in the UK fresh prepared food industry. We're proud to supply meals, salads, desserts, pizza and bread to leading grocery retailers including Tesco, M&S, Sainsbury's and Waitrose. We're driven by the hard work and passion of our people and are delighted to offer a wide range of careers across our business - come and join our dedicated Bakkavor team! Find out more and apply.
Hamilton Barnes
Vulnerability Manager
Hamilton Barnes
Join a fast-growing cybersecurity team within a leading Managed Service Provider specializing in Data Centre and Cybersecurity solutions. As the Vulnerability Manager, you'll be the go-to expert for managing and resolving vulnerabilities across customer environments, utilizing tools such as Tenable, Microsoft Defender, and Qualys VM. This is a critical role focused on vulnerability management, with no incident response responsibilities.
Responsibilities:
• Oversee vulnerability management (VM) across customer environments using Tenable, Defender, and Qualys VM.
• Act as the primary point of contact for vulnerability-related issues for both customers and internal teams.
• Collaborate closely with customers to ensure vulnerabilities are effectively resolved.
• Own the Vulnerability management process end-to-end, driving remediation and ensuring continuous improvement.
• Build and maintain strong customer relationships, ensuring confidence in your expertise and recommendations.
Skills/Must have:
• Senior-level experience in vulnerability management, with a proven ability to manage customer relationships.
• Strong knowledge of Tenable, Microsoft Defender, or Qualys VM.
• Ability to confidently communicate complex vulnerability issues and solutions.
• Experience working within an MSP environment is highly desirable.
• Relevant certifications in cybersecurity or vulnerability management.
• Open to experienced Analysts with significant VM tool expertise and customer-facing experience.
Benefits:
• Opportunity to work with cutting-edge cybersecurity tools and technologies.
• Join a dynamic and rapidly growing cybersecurity team within a leading MSP.
• Hybrid working model (3 days onsite in Staines or York).
Salary: 50,000 - 60,000.
Mar 07, 2025
Full time
GlaxoSmithKline
Snr Manager, Threat Intelligence
GlaxoSmithKline
Site Name: Home Worker - USA, Home Worker - GBR Posted Date: Feb Are you energized by the opportunity of contributing to expanding an organization's threat intelligence program to understand those most critical threats and deliver better protection to the business? If so, this role could be an excellent opportunity to explore. The Senior Manager of Threat Intelligence will oversee the database architecture, design, and operations supporting the Cyber Threat Intelligence (CTI) Threat Intelligence Platform (TIP). You work closely with leadership to develop technical requirements and identify solutions to meet the technical requirements of the TIP. The role will monitor intelligence provided to CTI via the TIP; the analyst will proactively identify key intelligence gaps, then collaborate with various cybersecurity teams to successfully mitigate said gaps. The Senior Manager of Threat Intelligence will automate via a TIP platform the preparation and delivery of written and verbal briefings to message cyber threat actor Tactics, Techniques & Procedure findings to cybersecurity teams across all enterprise levels. This role will allow YOU to lead key activities to progress YOUR career; these responsibilities include some of the following Lead or participate in developing feasibility studies, designs, and operations support plans for the TIP. Use agile and traditional data modeling techniques to elaborate and clarify project requirements for the TIP. Develop manual and automated intelligence reporting evaluation and dissemination processes via a TIP that analyze GSK's ability to mitigate cyber-attacks across business and technology environments. Proactively report on progress, risks, and issues with GSK TIP to the team and senior leadership. 
Provide intelligence collection support by coordinating/collaborating on requirements with multiple 3rd party intelligence vendors and internal GSK teams to include (but not limited to); Security Operations Center (SOC) Teams, Pen Testing Teams, Incident Response Teams, Digital Forensics, Vulnerability Management Team, and Management/Executive Teams. Research, develop, draft, coordinate, monitor, and task collection requirements via multiple GSK Business Units and 3rd Party Vendor platforms. Develop manual and automated intelligence reporting evaluation and dissemination processes via a Threat Intelligence Platform (TIP) that analyzes GSK's ability to mitigate cyber-attacks across business and technology environments. Via inherent TIP collaborative functions, identify areas for potential attacks and systemic security issues related to threats and vulnerabilities, including dissemination of data to internal GSK cyber security teams for support to provide recommendations to leadership for enhancements or remediation. Develop and review project documentation. Maintain and identify new system knowledge bases. Why you? Basic Qualifications: We are looking for professionals with these required skills to achieve our goals: Bachelor's degree in computer science or related fields or 10+ years of industry experience. 5+ years' experience in cyber threat intelligence. 5+ years' experience working with TIP methodologies to visualize represent data and process flows in an enterprise. 2+ years' experience in incident response handling procedures and the MITRE ATT&CK framework. Preferred Qualifications: If you have the following characteristics, it would be a plus: Python experience. Strong experience in cyber security setup for large enterprises. Experience with central and geographically dispersed network Incident Response best practices. 
Create simulation to demonstrate and showcase real-world threats supporting Incident Response, Digital Forensics, and Pen Testing team initiatives. Experience with any Public Cloud (AWS/ GCP/Azure). Established track record in relational database management systems and business intelligence technical administration. Ability to facilitate the management of cyber threat intelligence and associated entities such as actors, campaigns, incidents, signatures, bulletins, and TTP. Ability to contribute to project planning and management as one member of a small, highly skilled, self-directed team. Ability to tailor project technical and operations management templates as required. Exceptional communication skills have led to the ability to summarize and present complex issues cogently, accurately, and tailored to the audience, whether in writing or orally. Candidates will have strong interpersonal skills to work effectively with external and internal healthcare/pharmaceutical industry personnel at all levels of seniority and create dynamic networks for collaboration.
Feb 21, 2025
Full time
EngineeringUK
Snr Manager, Threat Intelligence
EngineeringUK
Site Name: Home Worker - USA, Home Worker - GBR Posted Date: Feb Are you energized by the opportunity of contributing to expanding an organization's threat intelligence program to understand those most critical threats and deliver better protection to the business? If so, this role could be an excellent opportunity to explore. The Senior Manager of Threat Intelligence will oversee the database architecture, design, and operations supporting the Cyber Threat Intelligence (CTI) Threat Intelligence Platform (TIP). You work closely with leadership to develop technical requirements and identify solutions to meet the technical requirements of the TIP. The role will monitor intelligence provided to CTI via the TIP; the analyst will proactively identify key intelligence gaps, then collaborate with various cybersecurity teams to successfully mitigate said gaps. The Senior Manager of Threat Intelligence will automate via a TIP platform the preparation and delivery of written and verbal briefings to message cyber threat actor Tactics, Techniques & Procedure findings to cybersecurity teams across all enterprise levels. This role will allow YOU to lead key activities to progress YOUR career; these responsibilities include some of the following Lead or participate in developing feasibility studies, designs, and operations support plans for the TIP. Use agile and traditional data modeling techniques to elaborate and clarify project requirements for the TIP. Develop manual and automated intelligence reporting evaluation and dissemination processes via a TIP that analyze GSK's ability to mitigate cyber-attacks across business and technology environments. Proactively report on progress, risks, and issues with GSK TIP to the team and senior leadership. 
Provide intelligence collection support by coordinating/collaborating on requirements with multiple 3rd party intelligence vendors and internal GSK teams to include (but not limited to); Security Operations Center (SOC) Teams, Pen Testing Teams, Incident Response Teams, Digital Forensics, Vulnerability Management Team, and Management/Executive Teams. Research, develop, draft, coordinate, monitor, and task collection requirements via multiple GSK Business Units and 3rd Party Vendor platforms. Develop and review project documentation. Maintain and identify new system knowledge bases. Why you? Basic Qualifications: We are looking for professionals with these required skills to achieve our goals: Bachelor's degree in computer science or related fields or 10+ years of industry experience. 5+ years' experience in cyber threat intelligence 5+ years' experience working with TIP methodologies to visualize represent data and process flows in an enterprise 2+ years' experience in incident response handling procedures and the MITRE ATT&CK framework Preferred Qualifications: If you have the following characteristics, it would be a plus: Python experience. Strong experience in cyber security setup for large enterprises. Experience with central and geographically dispersed network Incident Response best practices. Create simulation to demonstrate and showcase real-world threats supporting Incident Response, Digital Forensics, and Pen Testing team initiatives. Experience with any Public Cloud (AWS/ GCP/Azure). Established track record in relational database management systems and business intelligence technical administration. Ability to facilitate the management of cyber threat intelligence and associated entities such as actors, campaigns, incidents, signatures, bulletins, and TTP. Ability to contribute to project planning and management as one member of a small, highly skilled, self-directed team. 
Ability to tailor project technical and operations management templates as required. Exceptional communication skills have led to the ability to summarize and present complex issues cogently, accurately, and tailored to the audience, whether in writing or orally. Candidates will have strong interpersonal skills to work effectively with external and internal healthcare/pharmaceutical industry personnel at all levels of seniority and create dynamic networks for collaboration. Why GSK? Uniting science, technology and talent to get ahead of disease together. GSK is a global biopharma company with a special purpose - to unite science, technology and talent to get ahead of disease together - so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns - as an organisation where people can thrive. We prevent and treat disease with vaccines, specialty and general medicines. We focus on the science of the immune system and the use of new platform and data technologies, investing in four core therapeutic areas (infectious diseases, HIV, respiratory/ immunology and oncology). Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it's also about making GSK a place where people can thrive. We want GSK to be a place where people feel inspired, encouraged and challenged to be the best they can be. A place where they can be themselves - feeling welcome, valued, and included. Where they can keep growing and look after their wellbeing. So, if you share our ambition, join us at this exciting moment in our journey to get Ahead Together. Important notice to Employment businesses/ Agencies GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. 
All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.
Feb 21, 2025
Full time
EngineeringUK
Security Operations Analyst
EngineeringUK
dunnhumby is the global leader in Customer Data Science, empowering businesses everywhere to compete and thrive in the modern data-driven economy. We always put the Customer First. Our mission: to enable businesses to grow and reimagine themselves by becoming advocates and champions for their Customers. With deep heritage and expertise in retail - one of the world's most competitive markets, with a deluge of multi-dimensional data - dunnhumby today enables businesses all over the world, across industries, to be Customer First. dunnhumby employs nearly 2,500 experts in offices throughout Europe, Asia, Africa, and the Americas working for transformative, iconic brands such as Tesco, Coca-Cola, Meijer, Procter & Gamble and Metro.
We're looking for a Security Operations Analyst who expects more from their career. It's a chance to extend and improve dunnhumby's InfoSec Team. It's an opportunity to work with a market-leading business to explore new opportunities for us and influence global retailers. You maintain a strong understanding of Tools, Tactics and Procedures (TTP's) used in advanced threats, continuous monitoring, incident response, know how to detect and monitor for these threats, as well as how to mitigate them. We want to find the best candidates for the role, so the following list should be viewed as a list of desired experience for the role, but not all are mandatory.
You will have a strong understanding of as many of the following areas as possible, and be able to demonstrate it:
• Security Detection and Monitoring
• Incident Response
• Detection Engineering
• Malware Analysis (Static and Dynamic)
• Threat Hunting and Threat Intelligence (MITRE ATT&CK)
• Cloud Security
• Penetration Testing
• Security Automation (SOAR)
It would help if you had experience with the following:
• SIEM tools (Microsoft Sentinel, Splunk, ELK, Siemplify)
• Vulnerability Management (Qualys, Nessus, Nexpose)
• Anti-Malware / EDR Software (Carbon Black, Microsoft Defender ATP, FireEye, CrowdStrike)
• Intrusion Detection/Prevention Systems (IDS/IPS) (Suricata, Snort, Bro, Cisco, Palo Alto)
• Web Proxies (Bluecoat, Zscaler, Squid, Cisco/OpenDNS Umbrella)
• Networking & Firewalls (Cisco, Palo Alto, Checkpoint)
• Programming (Python, or other languages)
What you can expect from us
We won't just meet your expectations. We'll defy them. So you'll enjoy the comprehensive rewards package you'd expect from a leading technology company. But also, a degree of personal flexibility you might not expect. Plus, thoughtful perks, like flexible working hours and your birthday off. You'll also benefit from an investment in cutting-edge technology that reflects our global ambition. But with a nimble, small-business feel that gives you the freedom to play, experiment and learn. And we don't just talk about diversity and inclusion. We live it every day - with thriving networks including dh Gender Equality Network, dh Proud, dh Family, dh One and dh Thrive as the living proof. We want everyone to have the opportunity to shine and perform at your best throughout our recruitment process. Please let us know how we can make this process work best for you.
Our approach to Flexible Working
At dunnhumby, we value and respect difference and are committed to building an inclusive culture by creating an environment where you can balance a successful career with your commitments and interests outside of work. We believe that you will do your best at work if you have a work / life balance. Some roles lend themselves to flexible options more than others, so if this is important to you please raise this with your recruiter, as we are open to discussing agile working opportunities during the hiring process.
Feb 20, 2025
Full time
Equator
IT Security Analyst
Equator
The thing that makes your position so important at Equator is that you will be responsible for monitoring and maintaining our endpoints, threat intelligence, and vulnerability management solution. You have a solid background in networking and IT security and are able to create and manage security policies and respond to incidents.

Main Responsibilities:
  • Implement and manage the MDM solution.
  • Configure and maintain endpoint devices according to company standards.
  • Monitor and enforce security policies.
  • Respond to security incidents and alerts.
  • Oversee the implementation and adherence to the Threat Intelligence Policy.
  • Align threat intelligence efforts with organizational security objectives and regulatory requirements.
  • Review and adjust threat intelligence strategies regularly.
  • Collect, process, analyze, and disseminate threat intelligence data.
  • Maintain relationships with trusted threat intelligence sources.
  • Implement defensive measures recommended by third-party assessments.
  • Update network and system configurations based on threat intelligence insights.
  • Assist in identifying key assets targeted by cyber threats.
  • Monitor vulnerability information sources, conduct assessments, and coordinate remediation efforts.
  • Report suspected vulnerabilities promptly to the IT Security Team.

The Ideal Candidate:
  • Relevant qualification in Computer Science, Information Technology, or a related field.
  • Relevant certifications (e.g., SC-200, SC-300, AZ-500, MS-102) are highly desirable.
  • Proven experience in IT security, compliance, and risk management.
  • Strong knowledge of MDM tools, endpoint configuration, and cloud security.
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work independently and as part of a team.
  • Strong organizational skills and attention to detail.
Feb 20, 2025
Full time
Tank Recruitment
Cyber Security Analyst
Tank Recruitment
Cyber Security Analyst
Hybrid: (infrequent travel)
Reports to: Head of Cyber Security

My client, an industry leader in their field, is seeking a talented Cyber Security Analyst to join their dynamic technology team. This is a unique opportunity to contribute to an organisation that is making a significant impact on sustainability.

Key Responsibilities
  • Identify and remediate security vulnerabilities in collaboration with internal stakeholders.
  • Support compliance, audit, and assurance initiatives to ensure adherence to regulatory and industry standards.
  • Provide input into the strategic direction of the organization's security practices.
  • Monitor and respond to escalated security incidents.
  • Participate in incident response activities, including out-of-hours support when necessary.
  • Create, update, and enforce cybersecurity policies and procedures.
  • Oversee user access management for systems and data.
  • Deliver security training to employees using available tools and resources.

Technical Competencies
Essential Skills:
  • Understanding of network security principles.
  • Understanding of SIEM solutions.
  • Familiarity with vulnerability management processes.
  • Proficient in technical documentation.
  • Knowledge of Microsoft tools (e.g., Defender, Exchange, Intune).
  • Able to operate at 2nd line level.
Desirable Skills:
  • Experience in threat analysis and incident response.
  • Hands-on experience with EDR solutions.
  • Background in SOC operations or similar functions.
  • Expertise in vulnerability management.

Behavioural Competencies
  • Analytical mindset with a keen attention to detail.
  • Passionate about cybersecurity and staying informed of new developments.
  • Able to remain composed and make sound decisions under pressure.
  • Collaborative and effective team player.
  • Proactive in learning about emerging security risks and solutions.

Qualifications & Experience
  • Recognised industry certifications or equivalent experience (e.g. GIAC, CompTIA, OSCP).
  • At least 2 years of professional experience in cybersecurity roles.

Additional Information
The position offers an exciting challenge within a fast-paced environment where your expertise will make a meaningful impact. If you are looking for a rewarding role in cybersecurity, please reach out to discuss this opportunity further.
Feb 18, 2025
Full time
CHIEF INFORMATION SECURITY OFFICER-AEROSPACE AND DEFENSE
Gentrian
CHIEF INFORMATION SECURITY OFFICER - AEROSPACE AND DEFENSE:
Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional-level investors, looking to disrupt and revolutionize a $3 trillion dollar industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements, driven by our new generation benchmark delivering solutions through innovation with uncompromising agility.

JOB DESCRIPTION:
The oversight requires a sophisticated operating model that allows for a stronger security posture centralized in a Security Operations Center (SOC). This role will oversee global operations with a unified management of API calls, space exploration & navigation, and integrate various tools into our systems of record to view interactions from a holistic risk management perspective.

Areas to cover:
  • Incident response and remediation
  • Orchestrating and automating signals
  • Prioritizing cases and incident response
  • Cyber threat intelligence and dark web monitoring
  • Vulnerability management and exposure management
  • Building a resilient cybersecurity culture

Introducing new risk management techniques will undergo formal approval by the Change Approval Board (C.A.B). The role will also involve micromanaging cybersecurity engineers, penetration testing engineers, and other security personnel, ensuring compliance with NIST cybersecurity framework and DoD requirements.

PHYSICAL DEMANDS:
This position requires the ability to communicate and exchange information, utilizing necessary equipment to perform the job.

ENVIRONMENT:
This position will operate in the organization's regulatory "ROCKET FUEL MISSION INTELLIGENCE DIVISION" focusing on innovation and space exploration. Employees must be legally authorized to work in the UK. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.

QUALIFICATIONS, KEY REQUIREMENTS AND SKILLSET:
  • 20+ years in cybersecurity and digital solutions engineering
  • Proficiency in key generation, key lifecycle management, and risk management
  • GSEC or Offensive Security Certified Professional (OSCP)
  • Certified Information Security Manager (CISM)
  • Certified Authorization Professional (CAP)
  • Certified Network Defender (CND)
  • Information Systems Security Architecture Professional (ISSAP)
  • Health Care Information Security and Privacy Practitioner (HCISPP)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Security Leadership Certificate (GSLC)
  • Information Systems Security Engineering Professional (ISSEP)
  • Certified Ethical Hacker (CEH)
  • Computer Hacking Forensics Investigator (CHFI)
  • Information Assurance System Architecture and Engineer (IASAE)

Certification in one of the listed DoD 8570 Certifications is a prerequisite.

INTERVIEW PROCESS:
  • STAGE 1: COGNITIVE ABILITY TEST
  • STAGE 2: COGNITIVE ASSESSMENT SCREENING WITH A 30+ YEARS EXPERIENCE PSYCHOLOGIST
  • STAGE 3: PRE-SCREENING (verification checks & DV security clearance)
  • STAGE 4: INTERVIEW WITH CEO & CTO
Feb 18, 2025
Full time

© 2008-2025 Jobsite Jobs | Designed by Web Design Agency