14 JOBS FOUND
email - as they go live.
Digital Security Architect required for major , global name in Financial Services. The Digital Security Architect will play a lead role in designing and implementing global identity and access management solutions , with responsibilities for international collaboration with colleagues and key stakeholders located in global offices across, Europe and the APAC region.
The Digital Security Architect will come with proven architectural level experience designing and implementing Global Identity and Access Management solutions and of designing & supporting Global API Management solutions and linked technologies.
The Digital Security Architect will be a subject matter expert with industry standard Security Tools and User repositories such as Siteminder, LDAP and SSO with extensive experience in Web Access Management products such as Siteminder & Single Sign-On technologies including SAML and O-Auth.
Additional Experience of Threat detection and Risk management technologies and experience with any Cloud based Identity and Access Management solutions is strongly preferred.
The Digital Security Architect will a Strong understanding of Networks, Databases, Security, Application & Infrastructure design and be comfortable relating to technical and non technical audiences.
For more information and a more detailed job description please contact Neil Morgan at McGregor Boyall.
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
Cloud Security Engineer required for global blue-chip. The Cloud Security Engineer is a mission critical hire and the successful candidate will be an SME in Cloud Security with responsibilities that include implementation of Cloud security controls to protect key Infrastructure for multiple cloud platforms including Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform.
The Cloud Security Engineer will also Implement and configure best of breed security tools for Cloud ecosystems, including Anti-Malware, Encryption, Proxy, NGFW and WAF to cloud specific tool sets like container and serverless security.
Working in collaboration with teams across the company, The Cloud Security Engineer will embed modern automation and orchestration techniques; utilizing DevSecOps concepts to deliver highly secure, resilient, scalable and efficient solutions while playing a lead role in researching new and emerging Cloud and Cybersecurity solutions to solve client challenges.
The Cloud Security Engineer will come with the following skills ; Azure/AWS Architecture experience with the appropriate vendor certification, Experience with one or more general purpose programming languages including but not limited to: AWS CLI, Bash, Java, C/C++, C#, Objective C, Python, JavaScript, Knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security ,Understanding of networking and core Internet Protocols such as TCP/IP
The successful candidate will come with 5 + years’ experience securing cloud software, platforms and/or infrastructure as an architect or engineer and my client welcomes recognised and relevant certifications such as CISSP, CISM, CCSP, AWS, Google, Azure, etc.
More information about this fantastic opportunity please contact Neil Morgan at McGregor Boyall.
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
Sailpoint Engineer required for busy SSO team within a major name in financial services. The Sailpoint engineer will support the success and delivery of the IGA tools and services and the delivery of a comprehensive and cohesive global IAM service which will manage approximately 30,000 users worldwide.
The Sailpoint Engineer will support ongoing maintenance, support and upgrades of the platform and application while playing a lead role in assisting to extend SailPoint’s capabilities
The Sailpoint Engineer will maintain technical documentation and be required to face off to a range of IT Security stakeholders across the business while working with U.S and APAC based colleagues.
The Sailpoint Engineer will be a first class communicator both written and verbally, and come with the following technical skills :
Strong Java development skills
Experience of engineering SailPoint IGA solutions (IIQ preferred)
Development of custom reports
Development of IIQ rules
Onboarding applications using a variety of connectors
Development of custom workflows
Good project delivery experience as part of a complex and fast moving programme
Excellent interpersonal & communications skills
Positive and enthusiastic attitude who thrives on problem solving
Can work independently with minimal supervision
Experience supporting a service, creating run books, & 24/7 uptime and support
Ability to troubleshoot issues and interact with a variety of stakeholders to identify solutions.
Experience of administering SailPoint IGA solutions (IIQ preferred)
Knowledge and awareness of other products and services in the Identity and Access Management field e.g. Active Directory, SSO, PAM.
Applications from candidates with Security Certifications (CISM, CISSP, CISA, CISM, CRISC, ITIL, PMP) , are welcomed as is an industry related degree.
For more information on this contract opportunity please contact Neil Morgan at McGregor Boyall
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
Product Security Director required for global name in financial services.
The Product Security Director will play a vital role with protecting business information and financial assets across the globe. The Product Security Director will be hands on with proven technical ability along with strong leadership skills. They will be responsible for managing key 3rd party relationships and a team of highly skilled contractors. Experience of managing larger teams or offshore teams is also welcomed.
The Product Security Director will be a strong communicator, comfortable engaging with key stakeholders across global Cyber Security functions, including Security Engineering and Security Architecture teams.
The Product Security Director will preferably come from an Application Security Background and experience with the following tools ; IBM Appscan, VeraCode, Checkmarx, Fortify, Qualys Vulnerability Management, Tenable Nessus, JIRA Linux, Windows, WAF/RASP/IAST/DAST. Knowledge of SIEM, Threat Modeling and DeSecOp's & Secure Coding best practices are highly desired.
Applications from candidates with IT Security related degrees and industry qualifications such as CISSP, CISA, CAST, CISM are welcomed.
For more information and a detailed job spec please contact Neil Morgan at McGregor Boyall.
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
McGregor Boyall have an exciting new opportunity for a Senior Information Security Specialist to join an ever-growing financial organisation based in Glasgow City Centre. This innovative bank is going through an exciting period of growth and requires a Senior Technical Specialist to join the Cyber Threat Intelligence Team, taking a leading role in improving the company’s ability to react quickly to new intelligence.
The successful candidate will play a crucial role in protecting the company and its customers and will be tasked with delivering consistent, high quality security advice and guidance. The Specialist will analyse diverse information sources and produce timely and relevant intelligence to protect and strengthen the Banks’s position against any current and emerging threats.
Key Skills and Experience
- Strong knowledge of threat intelligence sources and analysis methodologies
- Practical experience of Technical Security concepts, with practical experience of multiple Information Security domains within a corporate environment
- The ability to engage senior management and stakeholders to influence decisions to improve security across the company in line with an evolving threat landscape
- The ability to manage multiple priorities in a fast-changing and challenging environment
McGregor Boyall is acting as an Employment Agency in relation to this vacancy.
Cloud Security Architect required to join a top financial services organisation . The Cloud Security Architect will evaluate, design and implement new technology and processes to help the group whilst adopting a risk based design methodology. The Cloud Security Architect will come with a strong blend of Cloud Security,Network Security, Infrastructure and Application Security skills. Strong AWS and Azure skills are a must have.
The Cloud Security Architect will come with sound knowledge of enterprise security concepts/ frameworks and products. Experience of working in financial services sector (especially banking or financial services) and knowledge of the security requirements for this sector and associated standards and frameworks. Extensive experience of enterprise security solutions and best practice controls for infrastructure and application architectures. Prior relevant experience gained in a Cloud security project/consultancy/infrastructure/architect orientated role. Experience with intelligence gathering regarding security threats is desired.
The Cloud Security Architect will be comfortable with technical security implementations and analysis in a first class international business. Strong communication and stakeholder management skills are essential.
Candidates with Security related degrees and relevant industry qualifications including CISSP, CISA, CISM are desired along with relevant Cloud Certifications around AWS and Azure.
For more information on the role please contact Neil Morgan at McGregor Boyall.
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
Senior Cyber Threat Intelligence Manager required for dynamic Cyber Security function within global banking organisation.
The Senior Cyber Threat Intelligence Manager will be a champion for Cyber Security and Threat Intelligence within the organisation and participate in the local and regional intelligence sharing community . The Senior Cyber Threat Intelligence Manager will represent the Bank and its profile in the space while producing excellent written intelligence reports.
The Senior Cyber Threat Intelligence Manager will be a high quality communicator that will establish, develop and own relationships with senior internal and external stakeholders. They will also act as a part of the incident response team where appropriate.
The successful candidate will come with over five years experience in threat intelligence within the financial services sector, preferably within a banking environment. Experience in using various open sources and tools to research external threat actors and threat actor groups is preferred as is previous experience in SOC analysis. Experience with Linux/Unix & database technologies is advantageous as is the ability to create scripts with Python, Bash and SQL.
Applications from candidates with security related degrees and relevant security industry certifications such as CISSP, CISM, CISA , CREST CTIM, CREST CTIA are welcomed.
For more information on this role please contact Neil Morgan at McGregor Boyall.
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
IAM Technology Unix SME – Sheffield – Permanent
Following extensive investment across our client’s Technology and Digital domains and with plans for continued expansion throughout 2019 and beyond, we are currently seeking an IAM Technology Data Management SME to join our client on a full-time, permanent basis.
The IAM Technology UNIX SME role sits within the Identity Access Management Technology Team and reports to the Head of IAM Technology.
Responsibilities
- Provide subject matter IAM expertise on the UNIX platform
- Drive prioritisation of remediation efforts for incidents of non-compliance based on internal risk and compliance requirements
- Track and report on remediation efforts to management, highlighting risks to the remediation program
- Create a robust escalation process designed to highlight new areas of non-compliance to management
Essential Requirements
- Extensive experience working within an IAM function
- Expert level knowledge of UNIX
- Proven experience of motivating others to deliver exceptional performance and long terms results
- A flexible and adaptable management style with experience of developing yourself and others
- Both spoken and written communication skills with experience of adapting your style and approach to the audience and message to be delivered
- A track record of making complex business decisions with authority, even in times of ambiguity, considering the potential long-term risks and implications
- Experience of creating and deploying comprehensive business/operating plans which consistently deliver desired results
IAM Technology Unix SME – Sheffield – Permanent
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
T1 Security Analyst – Entry level Cyber role
An exciting junior-level opportunity is available for an enthusiastic individual to join our Client’s Security Operations Centre in Glasgow, as a Tier 1 Security Analyst.
In order to be considered for this role, you must be eligible for UK security clearance at SC level. Please scroll down to “essential requirements” to see some of the criteria for SC clearance.
Previous experience in a similar function is desirable but not essential, so recent graduates who can demonstrate a good understanding of, and a passion for Cyber Security are welcome to apply.
The key areas of understanding necessary for this role are; SIEM technologies, troubleshooting, security analysis and common attacks (DDOS, phishing etc…)
Responsibilities
You will work alongside the rest of the SOC team, building experience while leveraging the team’s expertise to accelerate learning and understanding of the SOC and Information Security, in addition to making use of training resources that will be provided.
- Monitor and respond to security alerts generated by technologies such as SIEM, IDS and NGFW’s, within a given SLA
- Performing triage, in-depth analysis and investigation as guided by processes and playbooks
- Assist with incident response and post incident reviews
- Conduct security investigations using historical data
- Conduct investigations with a wide range of data sets across multiple customer environments
- Develop and maintain a strong relationship with the client IT and Information Security teams.
Essential Requirements
- To be based full time in the Glasgow Office
- Excellent communication skills
- Ability to work on a shift rota, including working regular weekends and night-shifts
- Ability to take a consultative approach to customer engagements
- Have a commercial awareness when dealing with IT security matters
- Must be able to be UK Government Security Cleared (SC or DV) (You will need to have lived in the UK for at least the past 5 years, with no longer than a 6-month gap abroad and pass the relevant security checks (criminal record check, credit check etc…)
T1 Security Analyst – Entry level Cyber role
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
Information Security Consultant – Bournemouth – Permanent
A senior role within the information security team, responsible for ensuring that information assets are adequately protected and that appropriate controls are in place to manage identified risks.
Responsibilities
· Provide professional advice to business areas on Information Security best practice and internal policies and standards · Assist in the development, maintenance and improvement of the Information Security Management System (ISMS) · Undertake compliance audits in line with ISO27001, PCIDSS and Internal Audit requirements · Risk assessments; identify and assess information security risks and define appropriate mitigating controls · Develop the configuration of technical Security tools; Lead on / contribute to Information Security initiatives/projects, including TPAM, RBAC, MSS… · Manage external regulatory compliance and certification efforts as required · Facilitate penetration tests where required and manage remediation of findings · Engagement with project managers to ensure risks are identified and are being addressed through the SDLC; tracking of project and development activities to ensure Information Security risks are identified and are being addressed through the project process/SDLC · Define, implement and maintain information security policies, standards, procedures and processes · Undertake security due diligence on third party suppliers including site visits as required · Development of information security training and awareness activities · Be a key contact for, and lead on the management of information security incidents/cyber incidents; lead on developing processes/playbooks |
Requirements · Excellent understanding of Information Security principles and frameworks, data protection and regulatory compliance (ISO27001, GDPR, FCA, PRA, ICO, PCI DSS, Cyber Essentials) · Demonstrated ability to identify and implement Information Security and process improvements · Excellent verbal and written communication skills; ability to articulate technical knowledge to non-technical audience · Experience of working with projects throughout the SDLC · Experience of developing and implementing information security policies and procedures in line with frameworks · Proven experience of influencing stakeholders at all levels · Strong level of technical knowledge e.g. Cloud Technology, Identity and Access etc · Experience of implementing/managing information security monitoring tools (e.g. Mail Marshal / Websense / McAfee / Splunk / PAM / DLP |
Information Security Consultant – Bournemouth – Permanent
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
Senior Information Security Analyst – Data Loss Prevention specialist
Summary
We are currently looking for a highly skilled cyber security specialist join the Cyber Security & Technology Risk division of our client in Nottingham.
After a massive investment into their already established security programmes, a new role has been created in the DLP team for someone who is looking to work with the latest technology, join a great team of people, obtain clear career progression and help defend against the impact of the most sophisticated attacks to date.
Responsibilities
- Implement new security tools and processes to enhance DLP strategy
- Execute DLP cloud & mobile initiatives
- Manage DLP agent deployment, perform DLP entitlement reviews, maintain policies within DLP tools
- Facilitate the DLP rule lifecycle processes including review and retirement of existing rules
- Test DLP rules prior to full deployment
- Liaise with the DLP Council regarding approval of new rules
- Manage DLP events and elevate anomalous events of concern
- Partner with external consultants to undertake business analysis for new DLP rules
- Ensure DLP documentation is maintained, accurately and regularly reviewed
- Prepare and maintain DLP metrics & reporting processes for business leadership
- Provide expertise and recommendation to incident triage process
- Assist in the creation of a new Insider Threat Program
- Develop Insider Threat requirements that illustrate issues on computer misuse, various violations of policies, counterintelligence concerns, foreign influence, or other insider threat risks
Essential Requirements
- Significant experience within either Risk Management or Technology. Ideally with an emphasis on Information Security, business applications, and security best practices.
- Experience with DLP technologies (Network, Email, Endpoint, etc.) and processes.
- Strong verbal and written communication and collaboration skills
- Ability to build relationships and influence all levels within an organization
- Knowledge of general network, platform, enterprise, cloud and security technologies
- Willingness and ability to travel domestically and internationally up to 15%
Desired Requirements
- Certifications such as Security+, CISSP andor CISM a plus
- Experience implementing an Insider Threat Program
- Experience with Cloud Access Security Broker (CASB) solutions
- Experience working with data privacy officers, data privacy authorities, works councils, labor unions, etc. with respects to Data Loss Prevention and Data Protection Programs
- Knowledge in various operating systems and enterprise platforms to include: Windows, Linux/Unix, Mac OS, iOS, Android, Active Directory, .Net framework, Oracle business products, SAP, etc.
Senior Information Security Analyst – Data Loss Prevention specialist
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
Application Security Remediation Manager – Secure by Design
We have an excellent opportunity available to be part of our client’s Cyber Security Technology Risk team. You will own AppSec Technical Remediation and engage with teams to promote security awareness, encourage a defensive mindset, influence their processes and priorities and provide expert security guidance.
You will also have a stake in helping build robust and secure solutions that scale to the needs of professionals that depend on our client’s products daily.
This is more of a “hands-off” role in terms of development, however strong technical knowledge is required.
Key Responsibilities:
- Work in a fast-paced development environment and partner with engineering and product teams to ensure that new product feature development adheres to security best practices.
- Conduct regular security reviews of both software and processes.
- Review and create threat models.
- Build and own Technical Remediation plans
- Identify common themes so that the business can start initiatives to remediate
- Coordinate remediation of any application security weaknesses uncovered.
- Promote the use of automation tools to assist manual reviews in identifying issues. Promote security training and awareness in the organization.
- Pull results from penetration testing and interact with penetration testers and other external vendors to validate that security controls work as expected.
Required Expertise/Experience:
- Recent experience or background in application security
- Experience in the software development lifecycle
- Full understanding of remediation logging, planning and ongoing activities
- Full understanding of web stack, web security and common vulnerabilities.
- Experience facilitating code reviews or tool development.
- Very strong knowledge in security with respect to web development and enterprise app development.
- Good understanding of cloud technologies (SaaS, PaaS, IaaS).
- Experience with automation tools and deployments.
Application Security Remediation Manager – Secure by Design
McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.
