Head of UK Information Security and Risk

As a member of the Information Security - Security Operations team you will maintain the confidentiality, availability and integrity of our information and information systems. This will primarily be achieved through identification and mitigation of risk through security systems management and incident management.

As a Information Security Analyst, it is your responsibility to monitor internal and external cyber threats and vulnerabilities to ensure that the clients technical controls are appropriate. It requires rapid response, detection, isolation and remediation of information security incidents.

Roles and Responsibilities:

• Responsible for operational support of technical security systems, including; installation, configuration, tuning, coverage, support and maintenance
• To establish and maintain security technical standards, procedures and guidelines
• To provide IT teams with security focused technical support, training and consultancy to ensure compliance with security standards, policies and legislation
• Facilitate a process of continuous improvement in the delivery of security services
• As part of a managed project evaluate products and related technologies that mitigate risk and recommend and support their introduction.
• Retain a working knowledge of related technical areas such as end user computing, database administration and networks
• To enable effective liaison with other technical groups and the coherent protection of their technologies
• To monitor internal and external cyber threats and vulnerabilities and ensure that their technical controls are aligned to these
• Rapid response, detection, isolation and remediation of information security incidents
• Reporting to and informing management of incidents and incident prevention activities
• Produce performance metrics to demonstrate the efficiency and effectiveness of IT and Security Operations controls
• Develop and operate procedures that counteract potential threats/vulnerabilities
• Support of the IT Change Management Process ensuring that information security risks are identified and addressed
• To provide a focal point for technical information security expertise
• Assist in the rapid execution of information security initiatives by maintaining an appropriate level of prioritisation, focus and persistence in an environment of significant change and growth
• Out of hours support required on a rota basis

Skills and Requirements:

• Thorough understanding of the information security threat landscape, significant risks, technical developments and directions
• Strong interpersonal skills are essential as the jobholder must be able to operate effectively at all levels within
• At least 3 years' in IT Security/IT Operations or equivalent position
• Information Security Incident handling experience
• Proven experience in writing Information Security Standards, procedures and guidelines
• Experience in industry recognised security standard such as ISO or COBIT
• Excellent written and oral communication skills
• Ability to conduct and direct research into threats and vulnerabilities and preventative capabilities
• Ability to effectively prioritise and execute tasks in a high-pressure environment

Qualifications (desirable):

• Certified Information Systems Security Professional (CISSP)
• MSc Information Security
• Vendor technology trained (certifications) eg Antimalware, Intrusion prevention, email security management technologies

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

We have partnered with a global leader in providing innovative and data-driven solutions to sports, media and regulated betting markets that are on the lookout for passionate, energetic and talented people to join their rapidly expanding team.

Job Description:

As a Security Specialist you will be responsible for providing policies and guidance to ensure the software developed by teams you have responsibility for is Secure by Design. You will champion security and coach development teams in how to develop secure software.

Role and Responsibilities:

• Leadership of Working Groups to define technical policies and guidelines relating to security
• Ensure standards are aligned with any business accreditation needs:
  - ISO 27001
  - Cyber Essentials
  - GDPR Related Security Controls
• Hands-on involvement with the implementation secure technical architectures e.g. authentication and authorisation solutions
• Creating and developing Reference Security Architecture Blueprints and Standards
• Coaching of technical DevOps product teams to ensure technical security standards and architectures are well understood and best practice is followed
• Champion technical product security implementation within the company to ensure Product Owners and other non-technical stakeholders understand the benefits and risks
• Technical security risk assessment of existing and future products
• Security auditing of software developed by the company and its partners
  - Black-box penetration testing
  - White-box code reviews, static analysis
• Investigation of security related events and incidents
• Technical liaison with third-parties on security related discussions:
  - Customers
  - Regulators and compliance auditors
• Automation of security testing
  - Tests within the software delivery pipeline
  - Continuous monitoring
• Report to senior technical managers about security risks

Required Skills:

• In depth understanding of security best practice and standards:
• Security by Design
• ISO 27001 & Cyber Essentials
• OWASP Top 10
• Encryption
• In depth understanding of authentication and authorisation technologies:
  - OpenID Connect
  - SAML
  - OAuth
  - AWS Cognito
  - AWS IAM
  - Active Directory
• Experienced in:
  - Penetration Testing and use of Burp Suite
  - AWS cloud infrastructure & security
• Good communication skills
  - Technical and non-Technical staff
  - Senior Management and external Customers

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

How would you like to chance to work for an innovative global consultancy? This opportunity is for experienced data privacy consultants to become a key part of the organisation. You would be part of a global network of security professionals working on projects for FTSE 100 and Fortune 500 clients, with a company ethos that centres around your progression and career.

If successful you will be working with clients from around the world, from a wide range of business sectors. Your key focus will be ensuring that the client achieves compliance in an organised and efficient manner while creating new business strategies deriving from new policies and legislation's.

As part of their team, you will be involved in a variety of projects, such as:

• Assessing data privacy compliance against the relevant legislative frameworks
• Designing and implementing data protection and privacy programs to achieve compliance
• Creating, testing and implementing new business strategies to take advantage of the legislation
• Conducting privacy impact assessments
• Third-party assessments
• Data governance and discovery tool implementation
• Information flow mapping to a common standard / using tools
• Deploying processes and tools to help detect and prevent privacy breaches
• Creating effective data privacy governance within our clients, creating a harmonised approach towards data protection and privacy by bringing together stakeholders (e.g. legal, compliance, risk, HR, security, business functions etc.)
• Assisting clients in privacy-related incident response activities
• Supporting the client's team by acting as an interim team member (e.g. data protection officer, security officer, security manager, security analyst etc.)

Skills and Requirements:

• Professional consulting background with a focus on data privacy and legislation
• Preference on sectors such as Life Sciences consultancy

You should also have the following skills/experiences:

Bachelor's or Master's Degree in IT, Law or relevant field that demonstrates your interest in the data protection and privacy domain.

Proven experience with relevant data protection and privacy laws and regulations (e.g. CCPA, EU GDPR, Privacy Shield) and industry standards and frameworks, such as GAPP and BCR

Possession of relevant qualifications such as CIPM, CIPT, CIPP/E, CISM, CISSP, and/or HCISSP, as well as involvement in industry related organisations (e.g. IAPP, ISACA, (ISC)²) is desirable. Where you do not have the qualifications, we will support you in achieving them

The ability to efficiently understand client organisations and their business model and to tailor relevant processes to privacy requirements

To communicate effectively with different stakeholders (e.g. business, legal, IT, security) about data protection and privacy matters

An analytical mindset, with a focus on producing quality work in a results-oriented environment

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

How would you like to chance to work for a innovative global consultancy? This opportunity is for experienced Security Consultants to become a key part of the organisation. You would be part of a global network of security professionals working on projects for FTSE 100 and Fortune 500 clients, with a company ethos that centres around your progression and career.

Role Requirements:

As a Security Consultant within this consultancy you will be working with both public and private sector clients. A strong, broad knowledge is needed within information security to successfully thrive in this role.

• Creating and delivering end-to-end security architecture and solutions.
• Working with other Consultants, Architects and Developers to deliver leading solutions across; identity management, network and infrastructure protection, security monitoring etc., with the aim of defending against some of the most cutting-edge threats and capable threat actors.
• Track record of delivering security solutions for enterprise businesses with large-scale infrastructures.

Qualifications:

• Academic prowess should be backed with relevant experience and technical knowledge.
• CISSP, CISM, IISP/CCP, TOGAF, SABSA are preferred qualifications.

Company benefits:

• Transport allowance - £6,000 per year
• Private medical insurance
• Bonus scheme
• Market leading salary

Blackthorn Trace has a new and exciting opportunity for you to join a fast-growing technology start up based in London! Our client is looking for individuals who are passionate about understanding the detail in cyber security attacks. Using this knowledge, you will improve their detective capabilities and develop to become in time a subject matter expert in cyber defence!

Roles and Responsibilities:

• You will need to be able form relationships with their clients by understanding cyber security from the viewpoint of these clients and then offer timely expert advise and analysis
• You will support and eventually lead the creation of intelligence reports and then discuss the issues directly to their customers
• You will have the opportunity to work with their experts to help assist the creation of machine learning and artificial intelligence models. This is an amazing opportunity to show off your technical skill sets!
• You will need the ability to detail the emergence of new threats and do this by conducting original research

Skills and Requirements

• A degree in a computing related field
• 3 years' experience in a technical IT environment
• Good knowledge in Linux, Windows, SIEM's, IP networking or malware analysis
• A strong desire to understand how technology works and generate ideas to detect suspicious or malicious behaviour
• An incredibly personable and passionate candidate

This is a great opportunity to join a fast past and growing start up and if this sounds like you then please get in touch and apply now!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Are you looking for your next Incident Response position? Our Fintech client based in London are looking to add to their outstanding cyber credentials after creating a multi-million pound cyber fusion centre by bringing on a Cyber Defence Analyst. They pride themselves that Cyber Security is at the beating heart of their culture.

This would be an ideal role if you are incredibly passionate about Cyber Security and want to be a part of a well known company who would value your skill set!

Roles and Responsibilities:

• We'll need you to identify Cyber Security threats and confidently perform analysis of anomalies on client's networks
• Monitor Cyber Security alerts though the SIEM to triage, mitigate and escalate issues
• Coordinate the initial workflow and response for different case types with both internal and external teams
• They'll need you to work closely with operational support staff to ensure they are actively engaged in potential security threats and concerns
• This role means you'll be providing round-the-clock support for their global security operations centre. Analysts work a 12-hour shift pattern, including holidays and weekends - so commitment is everything here

Skills and Requirements:

• Display great problem solving skills - this coupled with the tenacity and resilience to resolve issues
• A solid foundational understanding of TCP/IP and networks to include packet analysis, firewalls, routers, and ACLs
• Strong working knowledge of malware in its varying forms, common delivery mechanisms, and common mitigation steps
• Ability to convey security concepts related Cyber Security events to both technical and non-technical audiences
• Experience with IDS/IPS, Endpoint protection, Network Security, WAF, Sandboxing and analysis toolsets
• Experience operating and administrating Security Information and Event Management (SIEM) platforms
• The ability to communicate and collaborate with other team members in a dynamic workforce
• Preferred - security operations experience but candidates with Forensics or Penetration Testing background will also be considered

If you are looking for your next Incident Response role then go ahead and apply now for immediate consideration.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.