Information Security Practitioner

  • £60000 - £66950 per annum

Blackthorn Trace are working with a regulatory body within the Energy market. We're looking for an experienced manager to oversee the maintenance of their ISO Accreditations, managing internal and external audits in line with company policy.

Key skills:

  • Experience of proactively managing the internal and external assurance processes to ensure ongoing Accreditation of ISO9000, ISO27001 and ISO14001 with an external audit (BSI).
  • Maintenance of corporate customer-facing processes to ITIL standards
  • Fully conversant with GDPR and related risks
  • Implementing and managing processes and improvements in a multi-vendor environment
  • Ability to research and maintain best practice in quality management
  • Experience of carrying out external audits of customer's alignment with agreed process
  • Influencer with gravitas to gain senior management buy-in
  • Experience with developing processes to be used with technical services, including data services using personal and sensitive data
  • Analytical and problem-solving skills
  • The ability to facilitate change
  • Persistence and the ability to influence others
  • A strategic approach to work

Desirable Knowledge and Experience:

  • Understanding of the Energy market in the UK
  • Working with external service providers and vendors
  • Experience in managing IT Projects
  • Energetic self-starter who commands respect of colleagues

Blackthorn Trace, trading name of Huntress Search Ltd, acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Cyber Risk Specialist

  • £61000 - £69000 per annum

Our client in the aviation sector are looking for a Cyber Security Partner to join and lead a team of Risk Specialists. They are undergoing some dramatic changes within the business and need passionate, analytical and knowledgeable individuals to join their team. Your role will involve assessing the business's security landscape, helping to ensure cyber risk is understood, and guiding the business during this transformation.

The Role

  • Partner with the rest of the business to ensure risk-based decisions are made to aid continuous improvement
  • Whilst providing technical expertise, understand the regulations associated with projects and identify the risk profile, framework and potential risks each project could pose
  • Understand when to involve other teams within the business including Security Architects and Engineers.
  • Have a broad understanding of technical skill sets and train up junior members of the team
  • Contribute to the development of cyber security policies and standards.
  • Work with key stakeholders to ensure best practices are adhered to whilst continuously developing the cyber function.
  • Ensure team productivity
  • Make formal recommendations based on Risk
  • Identify and draft various industry standards and frameworks and apply them within the business
  • Develop key bow-tie risk models whilst innovating the business and managing risk

Qualifications

  • CRISC, CISSP or Cyber security MSc

This is a great opportunity for an experienced consultant to join a major client who has won awards for most improved workplace and lead a team. If you are looking to get involved with Enterprise Security, then apply now.

Technical Security Architect

  • £85000 - £90000 per annum

Are you looking for a position of importance? My client is looking for a Technical Security Architect to help provide resilience across their Cyber teams to ensure they maintain operational capability in the current security landscape. In this role you will support the services which provide data communications to various sites and systems as part of Business Infrastructure and Revenue earning systems. This is a highly technical role but one of vital importance to the day-to-day running of our client's business.

Key Responsibilities:

  • Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, threat and customer drivers
  • Develop security strategy plans and roadmaps based on sound enterprise architecture practices
  • Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
  • Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
  • Participate in application and infrastructure projects, and commercial product/service development activities to provide security design and consultancy advice
  • Draft security procedures and standards to be reviewed and approved
  • Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM) and cyber products and services
  • Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
  • Conduct or facilitate threat modeling of services and applications that tie to the risk, data and industry drivers associated with the service or application
  • Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
  • Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems for both internal and commercial utilisation
  • Review network segmentation to ensure least privilege for network access
  • Liaise with the Procurement team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data:
    • Software as a service (SaaS) providers
    • Cloud/infrastructure as a service (IaaS) providers
    • Managed service providers (MSPs)
    • Payroll providers
  • Evaluate the statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls" and report any findings to the Director, Security Engineering and Procurement teams
  • Support the testing and validation of internal and commercial security controls, as directed by the Director, Security Engineering
  • Review security technologies, tools and services, and make recommendations to the broader security and product development teams for their use, based on security, financial, operational and commercial metrics

QUALIFICATIONS

Essential Knowledge and Skills:

  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired.
  • Formal training in a relevant enterprise architecture methodology (for example, the Zachman Framework or TOGAF).
  • Strong combined IT and security work experience, with a broad exposure to infrastructure/network and multiplatform environments.
  • Knowledge of security issues, techniques and implications across all existing computer platforms, including datacenter, networks, cloud (IaaS/PaaS/SaaS), micro-services and emerging/maturing technology platforms.
  • Experience in using an enterprise architecture methodology (for example, Zachman, TOGAF and Gartner frameworks).
  • Knowledge of a security-specific architecture methodology (for example, SABSA).
  • The role is involved in projects or issues of high complexity that require in-depth knowledge across multiple technical areas and business segments.

This is an exciting opportunity to join a global organisation. To find out more, apply today!

Intelligence Data Management & Compliance Project Manager

Location: LONDON | Division: DEFENSIVE | Work Type: CONTRACT | Reports to: OPS MANAGER

How would you like the chance to work for a company that is the first line of defence for the music industry? This is your chance to help defend some high-profile clients from exploitation and aid in taking down the perpetrators. You will be the data manager for a range of cases where you will be aiding in the collection, analysis and compliance aspects of data.

Key responsibilities include:

  • Review the way in which Evidence & Intelligence are currently handled in Content Protection & shared with internal & external stakeholders, including identifying the main areas of risk
  • In collaboration with Legal & IT, define the requirements for sensitive information to be gathered, stored, retrieved, shared & deleted in compliance with current UK regulations;
  • Coordinate the implementation of a technical infrastructure for Evidence & Intelligence Management & ensure the adoption of best practices within the Content Protection team, including but not limited to the Digital & Physical Piracy Investigation Unit;
  • Document processes & procedures & provide training to the team as required;
  • Ensure accurate intelligence logging on IBM's i2 system, including defining the requirements for any necessary reconfiguration of the system;
  • Migrate the existing passwords to a password management system (1Password);
  • Oversee the introduction of cloud-based virtual machines & their correct use by all the relevant staff members

Required:

  • Solid knowledge of procedures, laws & regulations governing Evidence & Intelligence Management, including but not limited to GDPR & Disclosure regulations;
  • Previous experience in working with legal departments &/or law enforcement agencies;
  • Good working knowledge of IBM's i2 system;
  • Understanding of database architecture, file directories & file transfer protocols;
  • Positive mental attitude & high energy approach to work;
  • Good communication & the ability to manage different stakeholder interests;
  • Ability to document processes & procedures in a clear, modular & accessible way;
  • Ability to progress a project ensuring completion within the set time frame.
  • With the help of the team & in collaboration with Legal, audit sensitive information held by Content Protection & advise on the deletion of historical data as applicable.

Desirable:

  • Law Enforcement/Criminal Law background;
  • Familiarity with the concept of information governance for the purpose of legal compliance, operational transparency & legal discovery;
  • Previous experience in a compliance role.

Penetration Tester

Location: LONDON/ ONSITE | Division: OFFENSIVE | Work Type: PERM | Reports to: PRINCIPAL CONSULTANT

How would you like the chance to work for an innovative global consultancy? This is your opportunity to join a penetration testing team with over 15 years of consistent success. The team within this innovative consultancy work across multiple sectors, from transportation to financial services, allowing you to put your skills to the test! You would be part of a global network of security professionals working on projects for FTSE 100 and Fortune 500 clients, with a company ethos that centres around your progression and career.

As part of the red team you will be expected to:

  • Have 2 years of full-time penetration testing experience
  • Be a self-motivated individual that can work within a large team
  • Possess strong communication skills enabling you to converse with all members of a client's organisation with appropriate technical language
  • Have experience working on and deploying a range of penetration tests such as web application, mobile application, infrastructure and secure code analysis etc.
  • Contribute and be interested in delivering CREST accredited hacking training
  • Support the pre-sales team with technical knowledge and input
  • Produce written and verbal reports to clients of a high standard
  • Work within the large network of teams within the consultancy, providing the latest technical knowledge to collaborate with innovative client projects

What the role can offer you:

  • The opportunity to gain experience in dealing with a range of clients across multiple sectors who require a plethora of security assessments
  • Access to CREST and other technical training courses
  • Allocated study time to achieve and maintain CREST and other qualifications which are fully funded
  • The ability to develop your own personal profile within the industry through R&D and publishing vulnerabilities
  • The opportunity to work on client sites and be fully immersed in a commercial environment that is security-focused

Benefits package:

  • Private medical insurance
  • Transport allowance
  • Pension scheme
  • Annual performance-based bonus
  • Market-leading salary
  • Lead

Penetration Tester

Location: TOP SECRET | Division: OFFENSIVE | Position type: PERM | Reports to: PENTESTING LEAD

Want to work for one of the largest financial services corporations as a penetration tester, testing your ability against one of the most formidable security systems in the world?

This is your opportunity to gain experience within a global financial services giant that is looking for experienced penetration testers to join their world-renowned team. Your focus would be conducting and deploying a range of penetration methods across internal and external web, mobile and web service applications to find and exploit vulnerabilities.

Opportunity responsibilities:

  • Code reviews, vulnerability assessments and penetration tests of web/mobile and web service applications.
  • Create documentation of your findings and communicate them to application developers and senior management in a non-technical manner.
  • Utilize automated and manual techniques and tools to uncover security vulnerabilities within the system.

Your skill-set should include:

  • Previous experience conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, services, platforms and languages to find flaws and exploits (e.g. SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, Business Logic Bypass, OWASP Top 10, SANS Top 25 etc).
  • Knowledge of network and Web-related protocols/technologies
  • Ability to demonstrate manual web application testing experience
  • Experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP Webinspect, Acunetix, NTO Spider, Burpsuite Pro, Seeker etc.)
  • Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, SoapUI etc.)
  • Experience of penetration testing on mobile platforms such as iOS, Android, Windows and RIM would be advantageous
  • Solid programming/debugging skills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-C would be advantageous

Qualifications/ examples preferred:

  • OSCP
  • CRT/ CCT
  • GWAPT / GPEN
  • Bachelor's degree

Senior Penetration Tester

Location: REMOTE/ ON-SITE | Division: OFFENSIVE | Work Type: PERM | Reports to: HEAD OF PENTESTING

How would you like to join one of the fastest-growing Cyber Consultancies in the UK? This is your opportunity to be a key player in the growth of the organisation. You will be a hands-on leader of the already thriving team. With their large existing client bank across multiple sectors compiled of FTSE 500 and Blue-Chip companies, your skills will be put to the test!

Senior Penetration Testers are specifically responsible for:

  • Delivering penetration testing engagements to a high quality.
  • Producing Customer reports to a high degree of quality and accuracy.
  • Expanding personal knowledge with both self-study and funded training courses.
  • Assisting more junior testers with their understanding of findings and vulnerabilities.
  • Senior review of reports from across the whole team.
  • Assisting the Head of Pentesting to build out teams of more junior personnel
  • Acting as an escalation point for both technical and non-technical queries.
  • Assisting the sales team with defining client requirements.
  • Leading and ensuring enough development of team skills to ensure coverage of client requirements.
  • Reviewing testing methodologies to ensure the latest standards are met.

Essential Skills / Qualifications / Experience

  • Bachelor's degree in Information Security, Computer Science, Information Technology or related degree, or demonstrable equivalent industry experience
  • Experience of managing or supervising staff
  • Strong understanding of IT networking services and protocols (TCP/UDP, FTP, SMTP etc.).
  • Strong understanding of common web technologies (.NET, PHP, XML, JSON etc.).
  • Strong understanding of common scripting languages (Python, Ruby, PowerShell etc.).
  • Very strong understanding of penetration testing frameworks and tools (Kali, Metasploit, Nmap etc.).
  • Deep knowledge of current cyber security trends
  • Strong documentation and communication skills.
  • Strong analytical and problem-solving skills.
  • Passion for all things information technology and information security.

Desirable Skills / Qualifications / Experience

  • SANS GXPN
  • CCT - INF or WEB APP
  • OSCP/OSCE

Penetration Tester - Team Lead

Location: WEST SUSSEX | Division: OFFENSIVE | Work Type: PERMANENT | Reports to: HEAD OF PENTESTING

How would you like to join one of the fastest-growing Cyber Consultancies in the UK? This is your opportunity to be a key player in the growth of the organisation. You will be a hands-on leader of the already thriving team. With their large existing client bank across multiple sectors compiled of FTSE 500 and Blue-Chip companies, your skills will be put to the test!

What's expected of you:

  • Have 2 years of experience as a pentester preferably within a consultancy
  • Be a self-starter that can lead by example
  • Possess strong communication skills enabling you to converse with all members of a client's organisation with appropriate technical language
  • Produce written and verbal reports of a high standard to clients/ stakeholders
  • Work with the juniors to develop their portfolio of skills
  • Develop the juniors to understand the vulnerabilities you have found
  • Have great experience with a range of technologies and scripting languages
  • A key interest in the progression and maturity of the team

What the role can offer you:

  • Access to CREST training and other courses
  • Remote/ flexible working to maintain a great work/ life balance
  • The opportunity to work within an innovative, expanding business with a clear progression plan
  • The opportunity to run engagements with various companies in different sectors

Preferred Qualifications:

  • CRT/CCT
  • OSCP/OSCE
  • GPEN
  • Or any equivalent

Application Security Specialist

  • £75000 - £80000 per annum

Blackthorn Trace are working with one of the world's largest online ticketing providers. Operating in over 45 countries they have over 80 million visits to their website/app each month. They are now looking to add to their current security team after phenomenal growth in recent years.

Their application security team works closely with development and operations to build security into applications and support processes. They provide assurance in the application lifecycle in various areas, including design reviews, supporting automated code scanning, performing targeted application vulnerability assessments, and ethical hacking across systems.

Key Responsibilities

  • Ensuring ongoing security of multichannel operations covering ecommerce, mobile, and customer relations
  • Helping to embed security in the development and operational lifecycle, and showing continued security value by presenting risk from the customer and business perspective
  • Ensuring teams have what they need to deliver secure code and applications including the skills, tools and training
  • Static and dynamic security testing including code scanning, hands on targeted assessments and ethical hacking
  • Ownership of security toolsets for the discovery and investigation of potential vulnerabilities and activity monitoring
  • Reviewing and advising on application architecture and designs
  • Acting as security evangelist and 'mentor' to the business and development teams

Knowledge & Experience

  • Excellent skills in penetration testing
  • Experience working with external pen testers
  • A thorough knowledge of cyber and information security
  • Experience or working knowledge of a variety of SAST and DAST security tools
  • Hands on exposure with web application firewalls
  • Knowledge of infrastructure security scanning software
  • Knowledge of secure development practices
  • Able to analyse technical data to decipher, prioritise and act upon findings
  • Knowledge of software security standards
  • Knowledge of current information security standards and regulations

The team you will be joining are extremely passionate about the company and the industry. They are looking for a very personable and proactive candidate to join their family. If you are looking to join a company that offers clear progression and development for the future, then please get in touch now!

Security Design Specialist

  • £65000 - £75000 per annum

We are looking for a Security Design Specialist to join our client who are undergoing a massive transition. They are looking to transform their security posture and bring in a specialist team of Architects to assist them. It will be down to you and the team to ensure the confidentiality, availability and integrity of the system whilst providing technical security advice. You will also have a say in future tooling and systems used and how to improve security processes in the future.

JOB ACCOUNTABILITIES

  • Responsible for technical assurance of security systems, infrastructure, applications and solutions, aligned to IT strategy and security standards

  • Responsible for establishing and maintaining security standards, processes, procedures and guidelines related to security architecture and Technical Design Authority process

  • Provide IT teams with security focused technical consultancy to ensure compliance with security policies, standards and regulations

  • Input into RFI and RFP technology/vendor selection, ensuring solutions embed and meet security requirements and are secure by design.

  • Contribute to and implement strategies for embedding relevant security policies and security technical standards in projects and services

  • Ownership of the design and configuration requirements for operational security systems and platforms

  • Responsible for continuous improvement of security services and contribution to the security architecture roadmap

  • Retain a working knowledge of related security technical areas such as application, network and host, to enable effective liaison with other technical groups and protection of Sensitive Information.

  • Produce and disseminate management information in relation to security technical architecture, technical assurance of projects and all associated solutions

  • Establish mechanisms, behaviours and culture to encourage the protection of their information and information systems.

  • Work closely with enterprise architects, solution architects, technical architects and other senior IT designers to ensure all services are 'Secure by Design'

KEY SKILLS REQUIRED

  • A thorough understanding of the security threat landscape, significant risks, technical developments and directions.

  • Demonstrable experience of working in a security architecture team

  • Depth of experience in IT Technical Security, including time as a security senior practitioner

  • Experience of security systems and controls, including vulnerability management, web content filtering, intrusion prevention, SIEM, email security, DLP, NAC, IAM, O365, AWS, SDLC, SAST, DAST, SecDevOps tool chain and Web Application Firewalls

  • Ability to harness the commitment and contribution of team members outside of direct span of control

  • Ability to conduct research into security technical platforms and evaluate capabilities

  • Ability to build strong relationships and influence decisions with internal and external stakeholders.

  • Familiarity with patterns, practices and frameworks of Enterprise Architecture

  • Certified Information Systems Security Professional (CISSP)

  • Certified Information Security Architecture Professional (CISSP-ISSAP)

  • Certified Secure Software Lifecycle Professional (CSSLP)

  • Certified Cloud Security Professional (CCSP)

This is an exciting opportunity to join our
