Please visit our careers site to find out more about working at Ki Job Details: Technology Resilience Manager Full details of the job. Vacancy Name Vacancy Name Technology Resilience Manager Employment Type Employment Type Permanent Location Location London Role Details Look at the latest headlines and you will see something Ki insures. Think space shuttles, world tours, wind farms, and even footballers' legs. Ki's mission is simple. Digitally disrupt and revolutionise a 335-year-old market. Working with Google and UCL, Ki has created a platform that uses algorithms, machine learning and large language models to give insurance brokers quotes in seconds, rather than days. Ki is proudly the biggest global algorithmic insurance carrier. It is the fastest growing syndicate in the Lloyd's of London market, and the first ever to make $100m in profit in 3 years. Ki's teams have varied backgrounds and work together in an agile, cross-functional way to build the very best experience for its customers. Ki has big ambitions but needs more excellent minds to challenge the status-quo and help it reach new horizons. Do you have keen interest in state-of-the art resilient technology and want to push the boundaries? We are seeking a person who is decisive, collaborative and calm under pressure, detail-oriented and analytical, to help us implement and run a new IT risk management framework. This is a multi-faceted role supporting both a Technology Transformation Programme as well as helping to ensure current operational technology and applications are reliable and resilient. This role will suit an incident or IT disaster recovery manager, or someone with equivalent practical experience in technology operations, who is looking to broaden their skillset. After developing your specialist skills you are now looking for opportunities to grow and learn more about wider resilience, chaos engineering and cloud services - we will support, provide guidance and mentor you. Nevertheless, we are open to other experiences as we are creating a new diverse and dynamic team to build innovative ways of building and assessing operationally resilient technology services. Principal Accountabilities: - Business Impact Assessments & Risk Identification: Develop asset management strategies, lead business impact and vulnerability assessments, conduct threat modelling, and maintain risk identification frameworks. - Risk Assessment & Evaluation: Ensure compliance with governance policies, provide expertise on operational resilience, and support risk assessments for internal operations and third-party vendors. - Crisis & Incident Management: Lead the design and implementation of IT Disaster Recovery and Business Continuity plans, conduct simulations, and manage the Crisis and Major Incident Management Framework. - Risk Governance & Compliance: Support governance service administration, optimise processes for efficiency, and assist with audits and certifications. - Reporting & Documentation: Prepare technology risk reports, maintain governance documentation, and develop visualisations to enhance communication. - Management & Development: Promote awareness campaigns, research resilience strategies, and support team learning and development. Required skills & experience: - Experience in technology operations, ITSM including Service Asset and Configuration Management - Created incident response playbooks - Developed and tested recovery plans, identified and resolved gaps in resilience - Managed incidents and led responses to disruptions - Worked with external vendors and service providers to ensure service continuity - Knowledge of Operational Resilience regulations and frameworks - Familiarity with resilient architecture design principles - Reported on operational risks and resilience metrics to non-technical stakeholders - Influenced and coordinated cross-function teams Our culture: Inclusion & Diversity is at the heart of our business at Ki. We recognise that diversity in age, race, gender, ethnicity, sexual orientation, physical ability, thought and social background bring richness to our working environment. No matter who you are, where you're from, how you think, or who you love, we believe you should be you. Ki Values: • Know Your Customer: Put yourself in their shoes. Understand and balance the different needs of our customers, acting with integrity and empathy to create something excellent • Grow Together: Empower each other to succeed. Recognise the work of our teams, while celebrating individual success. Embrace diverse perspectives so we can develop and grow together. • Be Courageous: Think big, push boundaries. Don't be afraid to fail because that's how we learn. Test, adapt, improve - always strive to be better. You'll get a highly competitive remuneration and benefits package. This is kept under constant review to make sure it stays relevant. We understand the power of saying thank you and take time to acknowledge and reward extraordinary effort by teams or individuals. If this sounds like a role and a culture that appeals to you, apply now!
Aug 21, 2025
Full time
Please visit our careers site to find out more about working at Ki Job Details: Technology Resilience Manager Full details of the job. Vacancy Name Vacancy Name Technology Resilience Manager Employment Type Employment Type Permanent Location Location London Role Details Look at the latest headlines and you will see something Ki insures. Think space shuttles, world tours, wind farms, and even footballers' legs. Ki's mission is simple. Digitally disrupt and revolutionise a 335-year-old market. Working with Google and UCL, Ki has created a platform that uses algorithms, machine learning and large language models to give insurance brokers quotes in seconds, rather than days. Ki is proudly the biggest global algorithmic insurance carrier. It is the fastest growing syndicate in the Lloyd's of London market, and the first ever to make $100m in profit in 3 years. Ki's teams have varied backgrounds and work together in an agile, cross-functional way to build the very best experience for its customers. Ki has big ambitions but needs more excellent minds to challenge the status-quo and help it reach new horizons. Do you have keen interest in state-of-the art resilient technology and want to push the boundaries? We are seeking a person who is decisive, collaborative and calm under pressure, detail-oriented and analytical, to help us implement and run a new IT risk management framework. This is a multi-faceted role supporting both a Technology Transformation Programme as well as helping to ensure current operational technology and applications are reliable and resilient. This role will suit an incident or IT disaster recovery manager, or someone with equivalent practical experience in technology operations, who is looking to broaden their skillset. After developing your specialist skills you are now looking for opportunities to grow and learn more about wider resilience, chaos engineering and cloud services - we will support, provide guidance and mentor you. Nevertheless, we are open to other experiences as we are creating a new diverse and dynamic team to build innovative ways of building and assessing operationally resilient technology services. Principal Accountabilities: - Business Impact Assessments & Risk Identification: Develop asset management strategies, lead business impact and vulnerability assessments, conduct threat modelling, and maintain risk identification frameworks. - Risk Assessment & Evaluation: Ensure compliance with governance policies, provide expertise on operational resilience, and support risk assessments for internal operations and third-party vendors. - Crisis & Incident Management: Lead the design and implementation of IT Disaster Recovery and Business Continuity plans, conduct simulations, and manage the Crisis and Major Incident Management Framework. - Risk Governance & Compliance: Support governance service administration, optimise processes for efficiency, and assist with audits and certifications. - Reporting & Documentation: Prepare technology risk reports, maintain governance documentation, and develop visualisations to enhance communication. - Management & Development: Promote awareness campaigns, research resilience strategies, and support team learning and development. Required skills & experience: - Experience in technology operations, ITSM including Service Asset and Configuration Management - Created incident response playbooks - Developed and tested recovery plans, identified and resolved gaps in resilience - Managed incidents and led responses to disruptions - Worked with external vendors and service providers to ensure service continuity - Knowledge of Operational Resilience regulations and frameworks - Familiarity with resilient architecture design principles - Reported on operational risks and resilience metrics to non-technical stakeholders - Influenced and coordinated cross-function teams Our culture: Inclusion & Diversity is at the heart of our business at Ki. We recognise that diversity in age, race, gender, ethnicity, sexual orientation, physical ability, thought and social background bring richness to our working environment. No matter who you are, where you're from, how you think, or who you love, we believe you should be you. Ki Values: • Know Your Customer: Put yourself in their shoes. Understand and balance the different needs of our customers, acting with integrity and empathy to create something excellent • Grow Together: Empower each other to succeed. Recognise the work of our teams, while celebrating individual success. Embrace diverse perspectives so we can develop and grow together. • Be Courageous: Think big, push boundaries. Don't be afraid to fail because that's how we learn. Test, adapt, improve - always strive to be better. You'll get a highly competitive remuneration and benefits package. This is kept under constant review to make sure it stays relevant. We understand the power of saying thank you and take time to acknowledge and reward extraordinary effort by teams or individuals. If this sounds like a role and a culture that appeals to you, apply now!
Are you looking for an exciting new opportunity? A well-established Managed Service Provider (MSP), founded in 2002, is seeking a skilled Cyber Security Specialist to join the team. The company offers comprehensive IT support and cloud solutions to businesses across London. Specialising in day-to-day IT support, project management, and cloud services, they deliver expert solutions for everything from server installations to individual desktops and laptops, ensuring businesses operate efficiently. With a commitment to delivering high-quality IT solutions, the company has grown to a team of 30. Since 2020, the business has expanded through multiple small MSP acquisitions, successfully integrating both staff and clients. Ready to take your expertise to the next level? Get in touch today! Responsibilities: Conducting regular security assessments and vulnerability testing. Developing and implementing security policies and procedures. Monitoring network traffic for unusual activity and potential threats using SOC/SIEM solutions. Responding to security breaches and carrying out forensic investigations. Ensuring compliance with industry standards and regulations, including ISO 27001 and GDPR. Delivering security training and awareness programs for both clients and staff. Mentoring junior security analysts to support team development. Researching and evaluating security solutions to ensure the use of best-of-breed products. Collaborating with the IT team to design and implement secure network architectures. Generating automated security reports tailored for executive-level clients. Required Skills/Qualifications: A Bachelor's degree in Cyber Security, Information Technology, or a related field. A minimum of three years' experience in a cyber security role, infrastructure, or advanced third-line support. Strong knowledge of security frameworks and standards such as ISO 27001 and GDPR. Expertise in Microsoft 365, SharePoint, Azure architecture, security, and Entra. Proficiency in security tools and technologies, including firewalls, identity management, and layered security stacks. Experience in incident response and forensic analysis. Excellent problem-solving, analytical, and communication skills. Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) are advantageous. Benefits: Opportunity to contribute to a growing MSP with a strong client base. Collaborative team environment.
Aug 21, 2025
Full time
Are you looking for an exciting new opportunity? A well-established Managed Service Provider (MSP), founded in 2002, is seeking a skilled Cyber Security Specialist to join the team. The company offers comprehensive IT support and cloud solutions to businesses across London. Specialising in day-to-day IT support, project management, and cloud services, they deliver expert solutions for everything from server installations to individual desktops and laptops, ensuring businesses operate efficiently. With a commitment to delivering high-quality IT solutions, the company has grown to a team of 30. Since 2020, the business has expanded through multiple small MSP acquisitions, successfully integrating both staff and clients. Ready to take your expertise to the next level? Get in touch today! Responsibilities: Conducting regular security assessments and vulnerability testing. Developing and implementing security policies and procedures. Monitoring network traffic for unusual activity and potential threats using SOC/SIEM solutions. Responding to security breaches and carrying out forensic investigations. Ensuring compliance with industry standards and regulations, including ISO 27001 and GDPR. Delivering security training and awareness programs for both clients and staff. Mentoring junior security analysts to support team development. Researching and evaluating security solutions to ensure the use of best-of-breed products. Collaborating with the IT team to design and implement secure network architectures. Generating automated security reports tailored for executive-level clients. Required Skills/Qualifications: A Bachelor's degree in Cyber Security, Information Technology, or a related field. A minimum of three years' experience in a cyber security role, infrastructure, or advanced third-line support. Strong knowledge of security frameworks and standards such as ISO 27001 and GDPR. Expertise in Microsoft 365, SharePoint, Azure architecture, security, and Entra. Proficiency in security tools and technologies, including firewalls, identity management, and layered security stacks. Experience in incident response and forensic analysis. Excellent problem-solving, analytical, and communication skills. Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) are advantageous. Benefits: Opportunity to contribute to a growing MSP with a strong client base. Collaborative team environment.
Azure Network Support Engineer 6 Months Negotiable Day Rate (Inside IR35) Fully on-site in Central London Working on American timezone (2PM-10PM GMT) My client, in the insurance industry, are looking for an Azure Network Support Engineer who has core experience supporting networking technologies in Azure. The engineer will also have excellent technical skills on firewall technologies specifically Palo Alto and can adapt to changing needs in an agile environment. Responsibilities on the role Creating support documentation for handover provided by project team including using shadowing and reverse shadowing techniques Able to support migrations happening from current Hub and Spoke architecture to Secure vWAN hub in Azure Be an integral part of the squad and act as the go-to person for network support requirements Can work independently on support issues and escalate incidents with vendors where required including ensuring ownership until incident resolution Collaborate with engineers, testers, and other team members for migration work, DR tests etc including working paid additional / out-of-hours where applicable Communicate effectively with all levels of stakeholders, both verbally and in writing Requirements for this position Azure networking (NSG, VNet peering , UDR , Route Table , Private Link /Endpoint, Load balancer) Deployment and support experience of Azure vWAN Hub and Palo Alto Cloud NGFW Build VPNs with other cloud providers and appliances Palo Software and Cloud NGFW in Azure. This will include management of Advanced Threat Protection features like Antivirus, Antispyware , Vulnerability protection ,URL filtering , file blocking and Wildfire in addition to firewall rules Checkpoint and Azure Firewall (desirable) Azure DNS Infoblox DDI Expressroute and VNET gateways Infrastructure as Code Management - Terraform , Azure ADO (desirable) Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
Mar 09, 2025
Contractor
Azure Network Support Engineer 6 Months Negotiable Day Rate (Inside IR35) Fully on-site in Central London Working on American timezone (2PM-10PM GMT) My client, in the insurance industry, are looking for an Azure Network Support Engineer who has core experience supporting networking technologies in Azure. The engineer will also have excellent technical skills on firewall technologies specifically Palo Alto and can adapt to changing needs in an agile environment. Responsibilities on the role Creating support documentation for handover provided by project team including using shadowing and reverse shadowing techniques Able to support migrations happening from current Hub and Spoke architecture to Secure vWAN hub in Azure Be an integral part of the squad and act as the go-to person for network support requirements Can work independently on support issues and escalate incidents with vendors where required including ensuring ownership until incident resolution Collaborate with engineers, testers, and other team members for migration work, DR tests etc including working paid additional / out-of-hours where applicable Communicate effectively with all levels of stakeholders, both verbally and in writing Requirements for this position Azure networking (NSG, VNet peering , UDR , Route Table , Private Link /Endpoint, Load balancer) Deployment and support experience of Azure vWAN Hub and Palo Alto Cloud NGFW Build VPNs with other cloud providers and appliances Palo Software and Cloud NGFW in Azure. This will include management of Advanced Threat Protection features like Antivirus, Antispyware , Vulnerability protection ,URL filtering , file blocking and Wildfire in addition to firewall rules Checkpoint and Azure Firewall (desirable) Azure DNS Infoblox DDI Expressroute and VNET gateways Infrastructure as Code Management - Terraform , Azure ADO (desirable) Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
Security & Compliance Manager Department: Business Operations Employment Type: Full Time Location: Glasgow Description Encompass enables fast, accurate identity validation and verification of corporate customers, and a gold standard approach to KYC. Our award-winning corporate digital identity (CDI) platform incorporates real-time data and documents from authoritative global public data sources and private customer information, to create and maintain digital risk profiles. Utilizing the expertise of a global transformation team of KYC and banking industry experts, as well as strategic data, technology and consulting partnerships, enables seamless integration of Encompass into existing workflows and systems. With Encompass the world's leading banks improve customer experience and increase business opportunities through consistent regulatory compliance and risk mitigation. With offices in Amsterdam, Glasgow, London, New York, and Sydney, we are a rapidly growing international company offering a chance to be part of our success - read on if you think you're up for the challenge. About the role With security and compliance guiding every decision we make, our Information Security team is growing with the addition of a Security & Compliance Manager. Reporting directly to the CISO, this role will be responsible for tracking obligations, ensuring ongoing compliance, managing and conducting scheduled audits, maintaining compliance documentation, and responding to security and compliance-related information requests. Key Responsibilities Manage, monitor and report on compliance with security standards, such as SOC 2 & ISO 27001, ensuring N/C's and OFI's are identified and addressed according to SLO's. Drive staff awareness initiatives, ensuring completion of compliance training, policy reviews, and acknowledgments. Conduct and manage risk reviews to proactively identify and mitigate security and compliance risks. Plan, schedule, and execute audit activities, ensuring timely completion and adherence to regulatory requirements. Actively track and manage Tier 1 customer obligations to ensure compliance and accountability. Enhance the efficiency of due diligence questionnaires (DDQs) and Request for Information (RFI) responses by improving response times and increasing the percentage of questions answerable by non-specialists using an internal knowledge database. Skills, Knowledge and Expertise Compliance Expertise: Strong background in highly regulated industries (banking/financial services), navigating complex compliance landscapes. Project Management & Organization: Track multiple requirements and ensure nothing is overlooked. Prioritize actions effectively to meet deadlines and objectives. Escalate issues when necessary to avoid roadblocks. Security Frameworks: In-depth knowledge of ISO 27001, SOC 2, and CIS for security and compliance. Cloud & Software Development: Experience in security/compliance for cloud environments (AWS, Azure, GCP) and software development. SDLC Knowledge: Understanding of secure coding, threat modelling, and vulnerability management within CI/CD pipelines. Communication: Convey information clearly and effectively to stakeholders. Ensure alignment across teams through regular updates and discussions. Audit Experience: Conducting audits, preparing documentation; certifications like CISA, CISM, or ISO 27001 Lead Auditor preferred. Regulatory Compliance: Familiarity with GDPR, NIS, and EU DORA for cybersecurity and data protection. Learning & Security Awareness: Stay informed on best security practices and industry developments. Share knowledge and promote good security habits within the team. Equal Opportunities We are committed to fostering a diverse and inclusive workplace where everyone feels valued and empowered to thrive. We welcome applications from individuals of all backgrounds, regardless of race, ethnicity, gender, sexual orientation, age, disability, religion, or any other protected characteristic. If you require any adjustments during the recruitment process to ensure an equitable experience, please let us know. Join us in creating an environment where everyone can contribute their best work. Benefits We offer a rewarding and challenging place to work, a transparent and collaborative culture and a well-rounded benefits package. Below are some of what we currently offer: Participation in our industry leading share options scheme Private Medical Plan 20 days a year Work From Anywhere policy for all staff Flexible-first working policy Enhanced annual, personal and parental leave schemes. Paid volunteering leave programme Employer recognition and employee assistance programmes
Feb 17, 2025
Full time
Security & Compliance Manager Department: Business Operations Employment Type: Full Time Location: Glasgow Description Encompass enables fast, accurate identity validation and verification of corporate customers, and a gold standard approach to KYC. Our award-winning corporate digital identity (CDI) platform incorporates real-time data and documents from authoritative global public data sources and private customer information, to create and maintain digital risk profiles. Utilizing the expertise of a global transformation team of KYC and banking industry experts, as well as strategic data, technology and consulting partnerships, enables seamless integration of Encompass into existing workflows and systems. With Encompass the world's leading banks improve customer experience and increase business opportunities through consistent regulatory compliance and risk mitigation. With offices in Amsterdam, Glasgow, London, New York, and Sydney, we are a rapidly growing international company offering a chance to be part of our success - read on if you think you're up for the challenge. About the role With security and compliance guiding every decision we make, our Information Security team is growing with the addition of a Security & Compliance Manager. Reporting directly to the CISO, this role will be responsible for tracking obligations, ensuring ongoing compliance, managing and conducting scheduled audits, maintaining compliance documentation, and responding to security and compliance-related information requests. Key Responsibilities Manage, monitor and report on compliance with security standards, such as SOC 2 & ISO 27001, ensuring N/C's and OFI's are identified and addressed according to SLO's. Drive staff awareness initiatives, ensuring completion of compliance training, policy reviews, and acknowledgments. Conduct and manage risk reviews to proactively identify and mitigate security and compliance risks. Plan, schedule, and execute audit activities, ensuring timely completion and adherence to regulatory requirements. Actively track and manage Tier 1 customer obligations to ensure compliance and accountability. Enhance the efficiency of due diligence questionnaires (DDQs) and Request for Information (RFI) responses by improving response times and increasing the percentage of questions answerable by non-specialists using an internal knowledge database. Skills, Knowledge and Expertise Compliance Expertise: Strong background in highly regulated industries (banking/financial services), navigating complex compliance landscapes. Project Management & Organization: Track multiple requirements and ensure nothing is overlooked. Prioritize actions effectively to meet deadlines and objectives. Escalate issues when necessary to avoid roadblocks. Security Frameworks: In-depth knowledge of ISO 27001, SOC 2, and CIS for security and compliance. Cloud & Software Development: Experience in security/compliance for cloud environments (AWS, Azure, GCP) and software development. SDLC Knowledge: Understanding of secure coding, threat modelling, and vulnerability management within CI/CD pipelines. Communication: Convey information clearly and effectively to stakeholders. Ensure alignment across teams through regular updates and discussions. Audit Experience: Conducting audits, preparing documentation; certifications like CISA, CISM, or ISO 27001 Lead Auditor preferred. Regulatory Compliance: Familiarity with GDPR, NIS, and EU DORA for cybersecurity and data protection. Learning & Security Awareness: Stay informed on best security practices and industry developments. Share knowledge and promote good security habits within the team. Equal Opportunities We are committed to fostering a diverse and inclusive workplace where everyone feels valued and empowered to thrive. We welcome applications from individuals of all backgrounds, regardless of race, ethnicity, gender, sexual orientation, age, disability, religion, or any other protected characteristic. If you require any adjustments during the recruitment process to ensure an equitable experience, please let us know. Join us in creating an environment where everyone can contribute their best work. Benefits We offer a rewarding and challenging place to work, a transparent and collaborative culture and a well-rounded benefits package. Below are some of what we currently offer: Participation in our industry leading share options scheme Private Medical Plan 20 days a year Work From Anywhere policy for all staff Flexible-first working policy Enhanced annual, personal and parental leave schemes. Paid volunteering leave programme Employer recognition and employee assistance programmes
BACB is a UK bank that offers trade finance and investment expertise to clients in specialist markets, especially Africa and the Middle East. We have been helping businesses with trade finance and complementary products for over half a century, focusing on trade flows to and from Africa and the Middle East as well as real estate in the UK. Our in-depth knowledge of the countries and practices where our clients operate ensures that we put them first. Additional Info Hybrid Working: 3 days onsite, 2 from home Location: City of London Contract Type: Fixed Term Contract Job Summary Reporting to the Head of Operational Risk and working closely with the Head of Information Security, the role will support in managing the Bank's Second line of Defence (2LOD) for cyber security, assuring compliance with the Bank's Information Security Policies and Standards and overseeing the effective implementation of security controls through engagement with the Bank's cyber security operations team (1LOD). Key Work Outputs and Accountabilities Supporting the management of the Bank's Cyber Security function maintaining compliance with our NIST based cyber security framework. Responsible to Head of Operational Risk for Information Security RCSA framework, in particular regulatory compliance, and tolerated risk exposure. Act as Cyber Security expert within the Second Line of Defence (2LOD), providing advice and guidance to 1LOD on best practice cyber security and to business driven change activity. Working with the Bank's Enterprise Architect to ensure solutions are delivered in accordance with BACB's IT Security policies and Standards Ensure the Bank can effectively respond and recover from Cyber Security Incidents. Working with the Head of Information Security on ways to defend the Bank from current cyber threat landscape, identifying emergent threats and recommending innovative controls and mitigations. Work together with the 1LOD and provide evidence that IT Security operations are within risk tolerances (e.g., Evergreen IT, Patching, Vulnerability scanning and Pen Testing) (supported by a 2nd member of the 2LOD team) Oversee compliance with the Bank's cyber security standards and policies liaising with CIO (1LOD) where responsibility spans Lines of Defence. Maintain security performance metrics/ KPIs, recommending improvements where appropriate. Effective use of specialist tools and logging to review the Bank's cyber status and perform requested "deep dives" as necessary as well as define automated alerting mechanisms, ensuring that these alerts can be assessed and investigates independently by 1LOD and 2LOD. Engaging with the CIO and the Head of Information Security to ensure that sufficient/ effective cyber defences are implemented, giving the Bank value for money for any procured Cyber Security solutions, including Cyber Risk Insurance. Responsibility for the effective bank-wide cyber security training and awareness. Required Qualifications and Experience Educated to degree level (or equivalent), possessing at least one security accreditation (e.g., CISM or CISSP) Good working knowledge of cyber security standards (i.e. NIST, ISO 27001, Cyber Essentials, GDPR). Previous experience in the practical use and management of products such as Defender, Darktrace and Mimecast IT security management knowledge, skills, and experience. Familiarity of firewall rulesets and the requirements for effective cyber defence. Familiar with the Microsoft stack from Desktop products to server products to Azure Working in Financial Services or another regulated market, such as aviation or energy. Managing the delivery of an organization-wide information security related strategy Knowledgeable in common Data Leakage reasons and effective prevention. Working with on premise, public and/or hybrid cloud environments Conducting security-based investigations, the management of such inquiries and liaison with external BACB engaged investigation parties.
Feb 10, 2025
Full time
BACB is a UK bank that offers trade finance and investment expertise to clients in specialist markets, especially Africa and the Middle East. We have been helping businesses with trade finance and complementary products for over half a century, focusing on trade flows to and from Africa and the Middle East as well as real estate in the UK. Our in-depth knowledge of the countries and practices where our clients operate ensures that we put them first. Additional Info Hybrid Working: 3 days onsite, 2 from home Location: City of London Contract Type: Fixed Term Contract Job Summary Reporting to the Head of Operational Risk and working closely with the Head of Information Security, the role will support in managing the Bank's Second line of Defence (2LOD) for cyber security, assuring compliance with the Bank's Information Security Policies and Standards and overseeing the effective implementation of security controls through engagement with the Bank's cyber security operations team (1LOD). Key Work Outputs and Accountabilities Supporting the management of the Bank's Cyber Security function maintaining compliance with our NIST based cyber security framework. Responsible to Head of Operational Risk for Information Security RCSA framework, in particular regulatory compliance, and tolerated risk exposure. Act as Cyber Security expert within the Second Line of Defence (2LOD), providing advice and guidance to 1LOD on best practice cyber security and to business driven change activity. Working with the Bank's Enterprise Architect to ensure solutions are delivered in accordance with BACB's IT Security policies and Standards Ensure the Bank can effectively respond and recover from Cyber Security Incidents. Working with the Head of Information Security on ways to defend the Bank from current cyber threat landscape, identifying emergent threats and recommending innovative controls and mitigations. Work together with the 1LOD and provide evidence that IT Security operations are within risk tolerances (e.g., Evergreen IT, Patching, Vulnerability scanning and Pen Testing) (supported by a 2nd member of the 2LOD team) Oversee compliance with the Bank's cyber security standards and policies liaising with CIO (1LOD) where responsibility spans Lines of Defence. Maintain security performance metrics/ KPIs, recommending improvements where appropriate. Effective use of specialist tools and logging to review the Bank's cyber status and perform requested "deep dives" as necessary as well as define automated alerting mechanisms, ensuring that these alerts can be assessed and investigates independently by 1LOD and 2LOD. Engaging with the CIO and the Head of Information Security to ensure that sufficient/ effective cyber defences are implemented, giving the Bank value for money for any procured Cyber Security solutions, including Cyber Risk Insurance. Responsibility for the effective bank-wide cyber security training and awareness. Required Qualifications and Experience Educated to degree level (or equivalent), possessing at least one security accreditation (e.g., CISM or CISSP) Good working knowledge of cyber security standards (i.e. NIST, ISO 27001, Cyber Essentials, GDPR). Previous experience in the practical use and management of products such as Defender, Darktrace and Mimecast IT security management knowledge, skills, and experience. Familiarity of firewall rulesets and the requirements for effective cyber defence. Familiar with the Microsoft stack from Desktop products to server products to Azure Working in Financial Services or another regulated market, such as aviation or energy. Managing the delivery of an organization-wide information security related strategy Knowledgeable in common Data Leakage reasons and effective prevention. Working with on premise, public and/or hybrid cloud environments Conducting security-based investigations, the management of such inquiries and liaison with external BACB engaged investigation parties.
Role Title: Endpoint SME Duration: 6 Months Location: Remote 100% Umbrella only 570 per day ACTIVE SC CLEARANCE Would you like to join a global leader in consulting, technology services and digital transformation? Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms. Role purpose / summary Endpoint Protection Tools Specialist with experience in the deployment, secure configuration and operation across a range of tools such as Trend Micro, McAfee, Micro Soft Defender, Symantec and Crowdstrike. Installation: Download the Trend Micro installer from the official website or your Trend Micro account. Install the management console on a dedicated server or virtual machine. Deploy Trend Micro agents to endpoints, servers, and other devices within the defined scope. Configuration: Configure security policies and settings within the management console, tailoring them to your organization's security requirements. Set up automated updates and schedules for regular security scans and software updates. Integrate with other security tools and systems, if applicable. Deployment and Agent Installation: Roll out the Trend Micro agents to all targeted devices using deployment methods such as remote installation, group policies, or manual installation. Verify that all agents are correctly installed and communicating with the management console. Monitoring and Management: Monitor the security status and alerts through the management console. Perform regular vulnerability assessments, threat detection, and incident response as necessary. Continuously review and adjust security policies to address emerging threats and changes in your IT environment. Provide training and support to SOC staff to ensure effective use of Trend Micro tools. All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
Feb 06, 2025
Contractor
Role Title: Endpoint SME Duration: 6 Months Location: Remote 100% Umbrella only 570 per day ACTIVE SC CLEARANCE Would you like to join a global leader in consulting, technology services and digital transformation? Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms. Role purpose / summary Endpoint Protection Tools Specialist with experience in the deployment, secure configuration and operation across a range of tools such as Trend Micro, McAfee, Micro Soft Defender, Symantec and Crowdstrike. Installation: Download the Trend Micro installer from the official website or your Trend Micro account. Install the management console on a dedicated server or virtual machine. Deploy Trend Micro agents to endpoints, servers, and other devices within the defined scope. Configuration: Configure security policies and settings within the management console, tailoring them to your organization's security requirements. Set up automated updates and schedules for regular security scans and software updates. Integrate with other security tools and systems, if applicable. Deployment and Agent Installation: Roll out the Trend Micro agents to all targeted devices using deployment methods such as remote installation, group policies, or manual installation. Verify that all agents are correctly installed and communicating with the management console. Monitoring and Management: Monitor the security status and alerts through the management console. Perform regular vulnerability assessments, threat detection, and incident response as necessary. Continuously review and adjust security policies to address emerging threats and changes in your IT environment. Provide training and support to SOC staff to ensure effective use of Trend Micro tools. All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
This job posting isn't available in all website languages Senior Physical Security Engineer / Consultant Today the risks to people, assets and organisations are rapidly evolving. We help clients navigate the toughest questions in the spheres of safety risk, security risk and business risk. Whether due to geopolitical risk, climate change, life extension of ageing infrastructure or the increased connectivity of our built environment, we help clients develop appropriate and proportionate solutions to their risks. Our Resilience Security and Risk team includes leading experts in security intelligence, blast and protective design, physical and electronic security design, cyber-security, personnel and operational security. The Opportunity We work closely with other disciplines in Arup to find solutions that meet our client's objectives and are sustainable in their implementation. To enable us to do this we are looking for an enthusiastic and capable Senior Security Consultant/System Engineer to join our world leading security consultancy. Such a specialist should have a strong foundation in security consulting and security system design/implementation. The role of Senior Security Consultant/System Engineer within the Resilience Security and Risk team demands a combination of technical and commercial excellence. As a Senior Security Consultant/System Engineer, the primary focus will be the day-to-day design and management of projects across our portfolio of work, ensuring delivery is to a consistently high standard and is meeting client and stakeholder expectations. At Arup, you belong to an extraordinary collective - in which we encourage individuality to thrive. Our strength comes from how we respect, share and connect our diverse experiences, perspectives and ideas. You will have the opportunity do socially useful work that has meaning - to Arup, to your career, to our members and to the clients and communities we serve. Is this role right for you? The suitable candidate will have proven skills in delivering security projects within the built environment, a significant part of which must include demonstrable experience of working in a multi-disciplinary engineering consultancy environment. You will possess a relevant qualification in security or built environment discipline. Alternatively, we will also consider significant industry experience within security or risk management. Ideally you will hold or be working towards professional membership of an established UK security related institutions such as Security Institute; Register of Security Engineers and Specialists (RSES); ASIS. We are looking for the following skills and knowledge: Design and delivery of integrated solutions using the latest technology applicable to security design (e.g Video surveillance, access control and intruder detection systems). Integration to other third-party site-based systems (i.e. Fire, BMS, etc.) Knowledge and the implementation of physical barrier systems including; Pedestrian turnstiles/electronical operated gate systems; Perimeter fences, vehicle gates and barriers; Hostile vehicle mitigation systems (active and static). Appreciation of current initiatives within the industry such as SABRE, Secured by Design, etc. Physical design of facilities and controlled areas to mitigate against forced entry using manual/powered tools. Contribute, develop and/or interpret threat, vulnerability and risk assessments. Conversant in designing in the BIM and Revit environments and be able to provide guidance to the junior consultants/engineers on delivery and the security considerations. Capable of undertake technical security reviews, audits, design surveys, installation inspections and approvals, and other similar tasks of our clients If this role is not quite what you are looking for but you are interested in other opportunities for a future with purpose, please sign up to our Talent Community : where you will be kept up to date with roles suitable for you to shape a better world. What we offer you At Arup, we care about each member's success, so we can grow together. Guided by our values, we provide an attractive total reward package that recognises the contribution of each of our members to our shared success. As well as competitive, fair and equitable pay, we offer a career in which all of our members can belong, grow and thrive - through benefits that support health and wellbeing, a wide range of learning opportunities and many possibilities to have an impact through the work they do. We are owned in trust on behalf of our members, giving us the freedom, with personal responsibility, to set our own direction and choose work that aligns with our purpose and adds to Arup's legacy. Our members collaborate on ambitious projects to deliver remarkable outcomes for our clients and communities. Profit Share is a key part of our reward, enabling members to share in the results of our collective efforts. We also provide Private medical insurance, Life assurance, Accident insurance and Income protection cover. In addition, you'll have access to flexible benefits to help you look after all aspects of your wellbeing and give you the freedom and flexibility to find the best solutions for you, your family, and your individual needs. Different people, shared values Arup is an equal opportunity employer that actively promotes and nurtures a diverse and inclusive workforce. We welcome applications from individuals of all backgrounds, regardless of age (within legal limits), gender identity or expression, marital status, disability, neurotype or mental health, race or ethnicity, faith or belief, sexual orientation, socioeconomic background, and whether you're pregnant or on family leave. We are an open environment that embraces diverse experiences, perspectives, and ideas - this drives our excellence. Guided by our values and alignment with the UN Sustainable Development Goals, we create and contribute to equitable spaces and systems, while cultivating a sense of belonging for all. Our internal employee networks support our inclusive culture: from race, ethnicity and cross-cultural working to gender equity and LGBTQ+ and disability inclusion - we aim to create a space for you to express yourself and make a positive difference. Discover more about life at Arup at . We are committed to making our recruitment process and workplaces accessible to all candidates. Please contact Kylie O'Hanlon at to let us know if you need any assistance or reasonable adjustments throughout your application or interview process, and/or to perform the essential functions of the role. We will do everything we can to support you. Stay safe online - Arup will never ask for your bank details as part of our recruitment process. Closing Date: 24-02-25
Jan 26, 2025
Full time
This job posting isn't available in all website languages Senior Physical Security Engineer / Consultant Today the risks to people, assets and organisations are rapidly evolving. We help clients navigate the toughest questions in the spheres of safety risk, security risk and business risk. Whether due to geopolitical risk, climate change, life extension of ageing infrastructure or the increased connectivity of our built environment, we help clients develop appropriate and proportionate solutions to their risks. Our Resilience Security and Risk team includes leading experts in security intelligence, blast and protective design, physical and electronic security design, cyber-security, personnel and operational security. The Opportunity We work closely with other disciplines in Arup to find solutions that meet our client's objectives and are sustainable in their implementation. To enable us to do this we are looking for an enthusiastic and capable Senior Security Consultant/System Engineer to join our world leading security consultancy. Such a specialist should have a strong foundation in security consulting and security system design/implementation. The role of Senior Security Consultant/System Engineer within the Resilience Security and Risk team demands a combination of technical and commercial excellence. As a Senior Security Consultant/System Engineer, the primary focus will be the day-to-day design and management of projects across our portfolio of work, ensuring delivery is to a consistently high standard and is meeting client and stakeholder expectations. At Arup, you belong to an extraordinary collective - in which we encourage individuality to thrive. Our strength comes from how we respect, share and connect our diverse experiences, perspectives and ideas. You will have the opportunity do socially useful work that has meaning - to Arup, to your career, to our members and to the clients and communities we serve. Is this role right for you? The suitable candidate will have proven skills in delivering security projects within the built environment, a significant part of which must include demonstrable experience of working in a multi-disciplinary engineering consultancy environment. You will possess a relevant qualification in security or built environment discipline. Alternatively, we will also consider significant industry experience within security or risk management. Ideally you will hold or be working towards professional membership of an established UK security related institutions such as Security Institute; Register of Security Engineers and Specialists (RSES); ASIS. We are looking for the following skills and knowledge: Design and delivery of integrated solutions using the latest technology applicable to security design (e.g Video surveillance, access control and intruder detection systems). Integration to other third-party site-based systems (i.e. Fire, BMS, etc.) Knowledge and the implementation of physical barrier systems including; Pedestrian turnstiles/electronical operated gate systems; Perimeter fences, vehicle gates and barriers; Hostile vehicle mitigation systems (active and static). Appreciation of current initiatives within the industry such as SABRE, Secured by Design, etc. Physical design of facilities and controlled areas to mitigate against forced entry using manual/powered tools. Contribute, develop and/or interpret threat, vulnerability and risk assessments. Conversant in designing in the BIM and Revit environments and be able to provide guidance to the junior consultants/engineers on delivery and the security considerations. Capable of undertake technical security reviews, audits, design surveys, installation inspections and approvals, and other similar tasks of our clients If this role is not quite what you are looking for but you are interested in other opportunities for a future with purpose, please sign up to our Talent Community : where you will be kept up to date with roles suitable for you to shape a better world. What we offer you At Arup, we care about each member's success, so we can grow together. Guided by our values, we provide an attractive total reward package that recognises the contribution of each of our members to our shared success. As well as competitive, fair and equitable pay, we offer a career in which all of our members can belong, grow and thrive - through benefits that support health and wellbeing, a wide range of learning opportunities and many possibilities to have an impact through the work they do. We are owned in trust on behalf of our members, giving us the freedom, with personal responsibility, to set our own direction and choose work that aligns with our purpose and adds to Arup's legacy. Our members collaborate on ambitious projects to deliver remarkable outcomes for our clients and communities. Profit Share is a key part of our reward, enabling members to share in the results of our collective efforts. We also provide Private medical insurance, Life assurance, Accident insurance and Income protection cover. In addition, you'll have access to flexible benefits to help you look after all aspects of your wellbeing and give you the freedom and flexibility to find the best solutions for you, your family, and your individual needs. Different people, shared values Arup is an equal opportunity employer that actively promotes and nurtures a diverse and inclusive workforce. We welcome applications from individuals of all backgrounds, regardless of age (within legal limits), gender identity or expression, marital status, disability, neurotype or mental health, race or ethnicity, faith or belief, sexual orientation, socioeconomic background, and whether you're pregnant or on family leave. We are an open environment that embraces diverse experiences, perspectives, and ideas - this drives our excellence. Guided by our values and alignment with the UN Sustainable Development Goals, we create and contribute to equitable spaces and systems, while cultivating a sense of belonging for all. Our internal employee networks support our inclusive culture: from race, ethnicity and cross-cultural working to gender equity and LGBTQ+ and disability inclusion - we aim to create a space for you to express yourself and make a positive difference. Discover more about life at Arup at . We are committed to making our recruitment process and workplaces accessible to all candidates. Please contact Kylie O'Hanlon at to let us know if you need any assistance or reasonable adjustments throughout your application or interview process, and/or to perform the essential functions of the role. We will do everything we can to support you. Stay safe online - Arup will never ask for your bank details as part of our recruitment process. Closing Date: 24-02-25
Threat Management and Vulnerability Specialist - Windows/Unix - £75k A Threat Management and Vulnerability Engineer is required a Global Financial Client based within the Infra and Cloud team in London. This role works alongside the Support teams and IT Security to ensure the Security and Config of the Windows and VMware systems are secure. You will be looking at the vulnerability of the operating systems and highlight any threats - you will need to understand what these threats are, how you find them and how you fix them. This may have you reporting the threat to another team, in some cases you will be expected to fix the threat themselves. Any experience with Qualys is highly desired as its used by the Security Team and you will need to understand the reporting. Any exposure with Cloud deployment would be beneficial Occasionally this person will be expected to work weekends and when they do they will be offered time in lieu. 20% Office based - 1 day a week. Key Skills & Experience: - Threat Management, Vulnerability & Config compliance across a large scale windows estate - Supporting a Microsoft & VMWare environment - Unix/Linux System Support - Plan, scope, and coordinate Penetration Testing including debriefing key stakeholders. - Assist Incident Response team with the investigation and resolution of Security Incidents when required. This is a fantastic opportunity to join a progressive Company that offers successful candidates a career path and growth. In return you will receive a starting base salary up to £85k plus benefits Threat Management and Vulnerability Specialist - Windows/Unix - £75k Kite Human Capital - Hire Better We are unashamedly focused on working with only the best people, who care about customer value and maintain a fantastic working reputation. If you are someone that is committed to working hard to achieve great results, views challenge as an exciting opportunity and wants to work in some of the best possible assignments then please get in touch, we'd love to help you find your next position. We pride ourselves on rock solid integrity and honesty, and place client value at the centre of every decision we make. 2018 - Winner Best Client Service' 2017 - Winner Agency of The Year' 2017 - Winner Banking & Financial Services Agency' t2016 - Winner Banking & Financial Services Agency'
Sep 20, 2022
Full time
Threat Management and Vulnerability Specialist - Windows/Unix - £75k A Threat Management and Vulnerability Engineer is required a Global Financial Client based within the Infra and Cloud team in London. This role works alongside the Support teams and IT Security to ensure the Security and Config of the Windows and VMware systems are secure. You will be looking at the vulnerability of the operating systems and highlight any threats - you will need to understand what these threats are, how you find them and how you fix them. This may have you reporting the threat to another team, in some cases you will be expected to fix the threat themselves. Any experience with Qualys is highly desired as its used by the Security Team and you will need to understand the reporting. Any exposure with Cloud deployment would be beneficial Occasionally this person will be expected to work weekends and when they do they will be offered time in lieu. 20% Office based - 1 day a week. Key Skills & Experience: - Threat Management, Vulnerability & Config compliance across a large scale windows estate - Supporting a Microsoft & VMWare environment - Unix/Linux System Support - Plan, scope, and coordinate Penetration Testing including debriefing key stakeholders. - Assist Incident Response team with the investigation and resolution of Security Incidents when required. This is a fantastic opportunity to join a progressive Company that offers successful candidates a career path and growth. In return you will receive a starting base salary up to £85k plus benefits Threat Management and Vulnerability Specialist - Windows/Unix - £75k Kite Human Capital - Hire Better We are unashamedly focused on working with only the best people, who care about customer value and maintain a fantastic working reputation. If you are someone that is committed to working hard to achieve great results, views challenge as an exciting opportunity and wants to work in some of the best possible assignments then please get in touch, we'd love to help you find your next position. We pride ourselves on rock solid integrity and honesty, and place client value at the centre of every decision we make. 2018 - Winner Best Client Service' 2017 - Winner Agency of The Year' 2017 - Winner Banking & Financial Services Agency' t2016 - Winner Banking & Financial Services Agency'
