This job is no longer available.
You can view related vacancies or set-up an email alert notification when similar jobs are added to the website using the buttons below.

Information Security Analyst

INFOSEC_1547742159
£45000 - £50000 per annum

Managing this Role

Jake Taylor

Associate Consultant - Cyber Specialist 0207 759 7878

A keen sportsman and captain of his local rugby team in Essex, Jake is naturally adept at spotting top performers. With a specific candidate pool from professional services, Jake sources the best cyber security talent for Magic Circle, Silver Circle and top 100 UK law firms.

 

Roles recruited: SOC analysts, cyber security analysts/consultants and InfoSec

Seniority: Mid-level

Job Type: Permanent

Geographical coverage: London

Market: Cyber security operations within the legal sector

Information Security Analyst

We have partnered with a leading UK based charity that are looking for experienced Information Security Analysts to join the Head of Information Security, supporting the development of the security programme and forming a brand new team!

You will monitor for security issues, carry out incident investigations and risk assessments as well as liaise with third-parties and colleagues to assure good security practices are implemented and maintained.

Main Responsibilities

Monitor and audit for security vulnerabilities and weaknesses, propose mitigating measures and liaise with IT and other colleagues for implementation.

Investigate and follow-up information security events and incidents.

Assist in the identification and monitoring of organisation-wide security risks and maintain the Information Security Risk Register.

Identify emerging threat patterns, research enhancements and make recommendations to Manager.

Conduct third-party supplier due diligence assessments.

Coordinate the annual compliance programme of pentesting, certification etc.

Help develop company-wide good practice for information security in line with ISO27001.

Assist in the creation and delivery of training and advice to colleagues via online and face to face interactions.

Evaluate security products and providers.

Stay up-to-date on IT and cybersecurity trends, threats, vulnerabilities and mitigating technologies

Generate management information and metrics as defined by Manager

Experience

Solid IT background and practical experience of information security tasks for a large organisation.

Up-to-date understanding and experience of information security concepts and technologies such as DLP, firewalls, proxies, security protocols, SIEM, IDS/IPS, encryption and Cloud

Skills & Knowledge

  • Excellent verbal and written communication and ability to explain technical concepts to non-technical audiences.
  • We are looking for someone who can communicate well to all levels internally and externally.
  • Working knowledge of the concepts of security compliance, assurance and of industry standards such as the ISO270x series.
  • Able to work well independently and as part of the team
  • Degree in IT or Information Security would be advantageous
  • Ideally holds at least one of: SSCP, CEH, ISEB in Information Security Management, CISSP, ISO27001 Lead Auditor or Lead Implementer, ISEB in Information Risk Management, or equivalents.

Additional Information

  • Occasional travel to sites outside of London to enable performance of the duties and responsibilities and for the purposes of maintaining and updating professional skills and development.
  • Occasional need to work outside normal working hours in order to assist with exceptional incidents.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.


This job has now been filled but you may be interested in:

 

Penetration Tester

Penetration Tester

You will have a passion for ethical hacking and breaking technology, and a talent for finding the things that others may miss. This role will give you a chance to use those skills to help clients protect their information and improve compliance with laws, regulations and contracts.


Key responsibilities include:

  • Delivering comprehensive penetration tests in a wide variety of infrastructural environments;
  • Leading testing teams in larger engagements;
  • Guiding less experienced team members, assisting their development and completing sign-offs for the next stages of their development;
  • Supporting the business development process in providing scoping and estimating; and
  • Contributing to ever-improving service delivery standards.

You will have:

  • CREST CCT or CRT certification, or other eg. OSCP
  • At least two year's penetration testing experience within a client-facing role;
  • Experience in:
    • Internal infrastructure testing;
    • External infrastructure testing; and
    • Web application testing.
  • Excellent written and verbal communication skills.


Desirable skills and experience:

  • Mobile application testing
  • Hardware testing
  • PCI-compliant testing
  • PSN ITHC
  • API testing
  • Security clearance

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Information Security Specialist

INFORMATION SECURITY SPECIALIST

We have partnered with a top London based Law firm who are looking to bring on an Information Security Specialist to join their firm. You will be participating in Information Security improvement decisions, monitoring and reporting; and will be the sole port of contact for all cyber security related issues. The Information Security Specialist will report to CTO and also have a dotted line to the Managing Partner.

Responsibilities and knowledge

  • Network, Host, Application, Data, Operational Security and Compliance
  • Firewalls, Intrusion Detection and Prevention Systems
  • UTM and URL Filtering, Malware Protection
  • Encryption for Data at Rest and Data in Motion
  • VLANs, NAT, VPN, Remote Access, Virtualization, and Cloud Concepts
  • Wireless Security
  • Mobile Security
  • Ethical Hacking concepts such as: System Hacking, Sniffing, Session Hijacking, Reconnaissance, Footprinting, Scanning Networks, Honeypots, Malware Threats, Enumeration, Cryptography, Buffer Overflow, Denial of Service, Hacking Wireless Networks, SQL Injection, Penetration Testing.

Qualifications

  • Information Technology certifications on Security from EC-Council such as: CEH, ECSA, CNDA, etc.
  • A good degree, preferably a Bachelor of Science Degree

This is an amazing opportunity to join one of London's top law firms and if this role sounds like apply now!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Security Architect

Our client are the global leaders in electronic payments, therefore Cyber Security is at the beating heart of their business. It's down to diligence and expertise that makes them the undisputed leader in electronic payments. It is their top priority to create a top-tier Security Architecture team, poised to defend against any potential cyber threats.

We're looking for those of you who are inherently driven and fascinated by the art and science of cyber defence. We'll equip you with the very best tools and tech so that you can deliver top notch results.

The Role:

The Security Architect will work as a member of the Global Cyber Security organization - Security Architecture team, which is focused on improving technology and architecture decision-making through collaboration with management, staff and customers on technology strategy, enterprise architecture, and investments in strategic security technology.

The individual, with a broad Cyber Security plus systems and network architecture knowledge and experience, will provide overall direction, lifecycle management and leadership for security architecture and technology. Leading and contributing to the security posture of our client's networks and systems, data centre infrastructures, cloud architectures and solutions.

  • Developing, contributing and management of Security Architecture Specifications, Security Architecture Analysis, Threat-Modelling, Security Requirements, Security Standards and Design Patterns, Reference Architectures, Security Strategies and Roadmaps
  • Applying security design principles to develop security solutions architectures
  • Providing strategic points of view for security solutions
  • Developing and/or carrying out the strategic direction of security projects to enable execution of the information security strategy
  • Driving security technologies evaluations, proof-of-concepts, and production pilots
  • Building strong cross-organizational relationships and effectively influencing staff across the IT organization and product groups
  • Working closely with the other technology architects to ensure that security is properly embedded in their technology domains architectures

Key Skills

  • Moderate to significant Cyber Security, engineering and design experience in Networks, Data Center Systems, and Cloud Infrastructure and Platforms
  • Good experience in threat-modelling of complex systems
  • Experience in delivering comprehensive architecture specifications for complex infrastructure security solutions
  • Experience with creating technical documentation: product documentation, technology and systems/network architecture, and technical whitepapers.
  • Working experience with the following security technologies: Firewalls, Intrusion Detection/Prevention Systems, Vulnerability Scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, SIEM, Content Filtering, Cloud Security gateways, Secure Proxies, SSL crypto solutions
  • Strong knowledge and working experience with SDN (Software-Defined Networking), NFV (Network Function Virtualization), and network virtualization/overlays; microsegmentation
  • Strong hands on cloud architecture, with knowledge and working experience in: OpenStack, Cloud Foundry, Server Virtualization hypervisors (KVM, Xen, Hyper-V, VSphere), Linux Containers technologies (Docker, Mesos, Kubernetes), and distributed computing
  • Strong expertise and experience with Linux and Linux security
  • Hands-on experience and strong understanding of technology and enterprise security

If you believe you are a heavy hitter in the Security Architecture arena, then you could add true value to our clients already world class team. Apply within!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Penetration Tester

Penetration Tester

You will have a passion for ethical hacking and breaking technology, and a talent for finding the things that others may miss. This role will give you a chance to use those skills to help clients protect their information and improve compliance with laws, regulations and contracts.


Key responsibilities include:

  • Delivering comprehensive penetration tests in a wide variety of infrastructural environments;
  • Leading testing teams in larger engagements;
  • Guiding less experienced team members, assisting their development and completing sign-offs for the next stages of their development;
  • Supporting the business development process in providing scoping and estimating; and
  • Contributing to ever-improving service delivery standards.

You will have:

  • CREST CCT or CRT certification, or other eg. OSCP
  • At least two year's penetration testing experience within a client-facing role;
  • Experience in:
    • Internal infrastructure testing;
    • External infrastructure testing; and
    • Web application testing.
  • Excellent written and verbal communication skills.


Desirable skills and experience:

  • Mobile application testing
  • Hardware testing
  • PCI-compliant testing
  • PSN ITHC
  • API testing
  • Security clearance

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Security Operations Administrator/Engineer

Security Operations Administrator/Engineer

Are you looking for a position of importance? My client is looking for a Security Operations Administrator/Engineer to help provide resilience across their Cyber teams to ensure they maintain operational capability in the current security landscape. In This role you will be supporting the networks and the data communications network, which provides data communications to various sites and systems as part of Business Infrastructure and Revenue earning systems. This is a highly technical role but one of vital importance to the day to day running of our clients business.

The Role

  • Integrate a variety of programs and associated infrastructure elements with the SOC services technology infrastructure.
  • Develop and implement appropriate system administrative processes and procedures to ensure the systems remain compliant with ISO27001/2, and NIST 800-53 security control frameworks.
  • Provide administration duties for the SOC infrastructure systems to include account management, system configuration, patching and updates, rule tuning, system backups, and hardware replacement.
  • Monitor system performance and function, troubleshoot issues, and take necessary break fix actions for system recovery.
  • Maintain system design, inventory and asset configuration documentation.

Key Responsibilities

  • Daily administration, rules tuning, and log sources management of the SIEM, Incident Response Management platform, and Vulnerability Management infrastructure.
  • Provide support to the Endpoint Security Specialist in managing and configuring AV, EDR, DLP and HIPS tools.
  • Conduct maintenance and improvement of the SOC dashboards (and associate indexing engines) and visualization systems running on dynamic multi-screen setup.
  • Administration of the Systems Monitoring tool for hardware and software faults.
  • Carry out regular administration activities on all SOC infrastructure tools: account management, configuration management, backup and restore, DR simulations, updates and upgrades, End-of-Life hardware and software refresh.
  • Act as secondary point of contact for issues associated with all the tools and platforms, troubleshooting and escalate to the Vendors when required, with some on-shift patterns.
  • Act as escalation point for issues associated with all the tools and platform, troubleshooting and escalate to the vendors when required.
  • Implement and support the SOC systems configuration management and change control plans.

This is a unique opportunity to be apart of a global organisation and if this sounds like you apply now!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Information Security Analyst

Information Security Analyst- London

Are you looking for a position of importance? My client is looking for an Information Security Analyst to help provide resilience across their Cyber teams to ensure they maintain operational capability in the current security landscape. In This role you will be reporting to the ISMS Governance Manager and you will be responsible for working on new and emerging security standards in line with security policies and processes.

The Role

  • Support the ISMS Manager in maintaining ISO 27001 standards and procedures in order to ensure that a secure by design culture is maintained.

  • Provide reports and routine updates on the status of overall ISMS and work under the ISMS Governance Manager and the Director Security Strategy, Policy and Planning on ensuring that the ISMS is maintained and improved whilst implementing the 3-years ISO27001 re-certification plan.

  • Introduce the relevant processes and procedures to manage Information Security within the business to help further reduce the risk of systems and information being compromised.

  • Support the review of data security policies and help department managers with data remediation or deletion.

  • Communicate specific business unit needs to group projects.

  • Provide information security guidance and direction to projects and business initiatives as required. Ensure change initiatives incorporate information security requirements.


About the Candidate

  • Demonstrable knowledge and previous work experience of ISMS (ISO 27001).

  • Demonstrable knowledge of European General Data Protection Regulation (GDPR).

  • Understanding of Enterprise Risk Management principles.

  • Working knowledge of NIST Framework for Improving Critical Infrastructure Cybersecurity.

  • Collaborative and comfortable working in a multi-stakeholder environment.

This is a unique opportunity to be apart of a global organisation and if this sounds like you apply now!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.