Azure Cloud Security Architect M365 NIST ISO27001

A global investment business covering individual and institutional investment strategy is looking to add an Azure Specialist Cloud Security Architect to their successful team just outside of Epsom.

You will join the global Cyber Security function protecting the Technology Environment from internal and external security threats. This encompasses Application Security (through secure coding practices, penetration testing, and developer training) Centralised Access Management, Infrastructure Security, Security Engineering and Architecture, Security Application Support, Cyber Defence Operations, Information Security Risk Management, Technology Risk and Audit Management/Technology Service Continuity.

You will be the primary contact for M365 and Azure engagement, driving interaction with core stakeholders including Cyber Security, Cloud Operations and Product Owner teams. You will be expected to be an expert in the implementation of workload within Microsoft Cloud Services in a secure and compliant manner and will consult on the appropriate use.

You will drive engagement with Cloud Operations and Product Owner teams to support the definition of security requirements for new Microsoft Cloud based services and applications.

In this role you will also be expected to perform secure solution design, ensuring standardisation and consistency in the definition of security principles and ensuring that security is built in by design and complies with overarching organisational security requirements.

Key Responsibilities

• Delivering in collaboration with Product Teams and Cyber Security Teams the adoption of Microsoft Cloud based security services and capabilities.
• Designing security in from the start and supporting the companies cloud first strategy.
• Creating, reviewing and enforcing security design patterns to support desired architecture.
• Empowering Product Teams and Cloud Operations to achieve secure delivery underpinning the Cloud First strategy.
• A Cloud evangelist, passionate about driving innovation of security and Cloud adoption.
• Responsible for defining how the business will utilise Microsoft Cloud in a secure and compliant manner.
• Responsible for ensuring that all cloud security designs, blueprints and artefacts are maintained and adhere to good practice.
• Acting as a point of contact for Cloud Security Architecture for other Technology teams within the organisation.
• Leading the assessment of Microsoft Cloud services and how they may be consumed in a financial services organisation globally.
• Responsible for identifying and recommending component design changes to achieve compliance with security policies and the enterprise security architecture blueprints and roadmaps.

Experience and Qualifications Required

• Recent and practical experience of implementing Microsoft Cloud security services including AAD, MCAS, ATP, Mobile Security and Azure Security.
• Experience of secure implementation and adoption of wider Microsoft Cloud based capability in a secure manner.
• Knowledge of the OWASP top 10 vulnerabilities.
• Understanding of off-cloud technologies; storage, server, network, middleware etc and how they may interact in a hybrid cloud environment.
• Familiarity with NIST 800-53, Cloud Security Alliance and ISO27001 control frameworks.
• Working understanding of GDPR, FCA regulations, Privacy regulations and practices.
• Experience of platform and application layer encryption concepts and practices.
• Team player, collaborator and educator.
• Able to operate with autonomy and build relationships - become the "go-to" person.
• Ability to consume and define integration technology and patterns.
• Concise and effective communicator confident with presenting to audiences at all levels in an organisation and will mixed levels of technical understanding.
• Scrum/Kanban experience.

This organisation is looking for someone who has the personality and desire to build strong internal relationships whilst delivering business critical Azure projects to tight deadlines.

You will possess a breadth of knowledge across the Cyber and/or Technology stacks with working familiarity of Cyber control frameworks NIST, ISO27001 etc. with a clear understanding of the OWASP top 10. An undergraduate degree in a relevant technology field or significant relevant experience is a must.

Must also have security accreditations such as CISM, CISSP or CISA.

If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk

Azure Cloud Security Architect M365 NIST ISO27001

A global investment business covering individual and institutional investment strategy is looking to add an Azure Specialist Cloud Security Architect to their successful team just outside of Epsom.

You will join the global Cyber Security function protecting the Technology Environment from internal and external security threats. This encompasses Application Security (through secure coding practices, penetration testing, and developer training) Centralised Access Management, Infrastructure Security, Security Engineering and Architecture, Security Application Support, Cyber Defence Operations, Information Security Risk Management, Technology Risk and Audit Management/Technology Service Continuity.

You will be the primary contact for M365 and Azure engagement, driving interaction with core stakeholders including Cyber Security, Cloud Operations and Product Owner teams. You will be expected to be an expert in the implementation of workload within Microsoft Cloud Services in a secure and compliant manner and will consult on the appropriate use.

You will drive engagement with Cloud Operations and Product Owner teams to support the definition of security requirements for new Microsoft Cloud based services and applications.

In this role you will also be expected to perform secure solution design, ensuring standardisation and consistency in the definition of security principles and ensuring that security is built in by design and complies with overarching organisational security requirements.

Key Responsibilities

• Delivering in collaboration with Product Teams and Cyber Security Teams the adoption of Microsoft Cloud based security services and capabilities.
• Designing security in from the start and supporting the companies cloud first strategy.
• Creating, reviewing and enforcing security design patterns to support desired architecture.
• Empowering Product Teams and Cloud Operations to achieve secure delivery underpinning the Cloud First strategy.
• A Cloud evangelist, passionate about driving innovation of security and Cloud adoption.
• Responsible for defining how the business will utilise Microsoft Cloud in a secure and compliant manner.
• Responsible for ensuring that all cloud security designs, blueprints and artefacts are maintained and adhere to good practice.
• Acting as a point of contact for Cloud Security Architecture for other Technology teams within the organisation.
• Leading the assessment of Microsoft Cloud services and how they may be consumed in a financial services organisation globally.
• Responsible for identifying and recommending component design changes to achieve compliance with security policies and the enterprise security architecture blueprints and roadmaps.

Experience and Qualifications Required

• Recent and practical experience of implementing Microsoft Cloud security services including AAD, MCAS, ATP, Mobile Security and Azure Security.
• Experience of secure implementation and adoption of wider Microsoft Cloud based capability in a secure manner.
• Knowledge of the OWASP top 10 vulnerabilities.
• Understanding of off-cloud technologies; storage, server, network, middleware etc and how they may interact in a hybrid cloud environment.
• Familiarity with NIST 800-53, Cloud Security Alliance and ISO27001 control frameworks.
• Working understanding of GDPR, FCA regulations, Privacy regulations and practices.
• Experience of platform and application layer encryption concepts and practices.
• Team player, collaborator and educator.
• Able to operate with autonomy and build relationships - become the "go-to" person.
• Ability to consume and define integration technology and patterns.
• Concise and effective communicator confident with presenting to audiences at all levels in an organisation and will mixed levels of technical understanding.
• Scrum/Kanban experience.

This organisation is looking for someone who has the personality and desire to build strong internal relationships whilst delivering business critical Azure projects to tight deadlines.

You will possess a breadth of knowledge across the Cyber and/or Technology stacks with working familiarity of Cyber control frameworks NIST, ISO27001 etc. with a clear understanding of the OWASP top 10. An undergraduate degree in a relevant technology field or significant relevant experience is a must.

Must also have security accreditations such as CISM, CISSP or CISA.

If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk

Application Security Engineer

MarkJames is working with a leading financial services client who are fast becoming one of London's leading payment organisations. They are going through a period of rapid growth in the security team, having recently hired 3 extra heads they are now looking for an Application Security Engineer to help them embed security into their core systems.

You will be able to understand and interpret output from tooling & manual penetration tests as well as continuously develop and review their internal processes to drive business maturity. Ensuring that applications & systems at the heart of the business are secure and safe.

You will have:

• Strong understanding of information security principles & polocies
• Strong knowledge of common Web and Mobile vulnerabilities
• Experience with security tooling such as SAST, DAST, dependency checking tooling and vulnerability management tools.
• Experience working with infrastructure and development teams to embed security into new infrastructure and applications.
• The ability to ensure that identified issues are prioritised and addressed in an appropriate timeframe.
• Ability to translate the security risk and impact to other departments and stakeholders.
• A proactive mindset.
• Contributions to the security community are a big plus (public research, presentations, bug bounty participation, etc)

Nice to haves:

• Security certifications (such as OSCP, Crest CRT/CCT, CISSP, SANS. Avoid mentioning your CEH).
• Software development experience
• +4 years of professional experience

Application Security Engineer

Application Security Engineer

MarkJames is working with a leading financial services client who are fast becoming one of London's leading payment organisations. They are going through a period of rapid growth in the security team, having recently hired 3 extra heads they are now looking for an Application Security Engineer to help them embed security into their core systems.

You will be able to understand and interpret output from tooling & manual penetration tests as well as continuously develop and review their internal processes to drive business maturity. Ensuring that applications & systems at the heart of the business are secure and safe.

You will have:

• Strong understanding of information security principles & polocies
• Strong knowledge of common Web and Mobile vulnerabilities
• Experience with security tooling such as SAST, DAST, dependency checking tooling and vulnerability management tools.
• Experience working with infrastructure and development teams to embed security into new infrastructure and applications.
• The ability to ensure that identified issues are prioritised and addressed in an appropriate timeframe.
• Ability to translate the security risk and impact to other departments and stakeholders.
• A proactive mindset.
• Contributions to the security community are a big plus (public research, presentations, bug bounty participation, etc)

Nice to haves:

• Security certifications (such as OSCP, Crest CRT/CCT, CISSP, SANS. Avoid mentioning your CEH).
• Software development experience
• +4 years of professional experience

Application Security Engineer

Linux Engineer Contract Cork 6 -12 months. My client a leading global name is in urgent need of a talented and experienced Linux Engineer to join them on a contract basis.

Candidates will be working in the Operations team patching team responsible for global server security patching ( Window and Linux ) to ensure the servers are compliance with my client Security Standard. Other responsibilities include Server OS upgrade( Non-Patchable/ Expired Version) , server mass deployment, Server Global Group Policy implementation and server OS vulnerability remediation. Core Technologies used in the team are Microsoft SCCM , Blade Logic, Satellite , Spacework , control M , Shell Scripting and KACE.

You will be responsible for Critical Linux server patches deployment within 30 days SLA, you will also be responsible for to reduce LINUX OS security vulnerabilities count. Candidates will be responsible to monitor and maintaining SCCM, Bladelogic client health and diagnosis. You will remediate LINUX servers fallout from OS security patching. You will be responsible to resolves customer escalations as appropriate. Candidates will demonstrate ability to work in a team environment and help each other during mass deployment task. You will analyse Kenna vulnerability report ,perform appropriate proper vulnerability remediation. Capable to work across functional team such as Vulnerability management , Cybersecurity, Application support team and DBA to address vulnerability. You will be able to create and modify Linux shell scripting to automate tasks and integrate solutions.

Successful candidates will have 5 to 7 years hands on related experience in IT system administration, troubleshooting, LINUX Server support/patching with Blade Logic, satellite, spacewalk or any other mass deployment tools. You will have Knowledge of enterprise security, vulnerabilities management and patching methodologies. You will have experience in LINUX OEL ,Redhat server OS. You will have strong background in virtualization technologies such as VMWare vSphere ESXi, Oracle VM desired. You will have experience with Oracle VM, WebLogic, and Oracle DB preferred. You will have extensive experience with Linux/Unix used in combination with enterprise storage solutions. It would be Desirable to have Professional Certs in Red Hat Certified System Administrator (RHCSA) and or Red Hat Certified Engineer (RHCE). It is important to note Candidates are required to adjust to work during weekend for patching activities or vulnerabilities remediation especially Friday-Sunday 12 hours shift(at least 2-3 weekends in a month). Otherwise, the standard working hour is Monday-Friday.

Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law.

Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers.

By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: http://en-gb/candidate-privacy

Linux Engineer Contract Cork 6 -12 months. My client a leading global name is in urgent need of a talented and experienced Linux Engineer to join them on a contract basis.

Candidates will be working in the Operations team patching team responsible for global server security patching ( Window and Linux ) to ensure the servers are compliance with my client Security Standard. Other responsibilities include Server OS upgrade( Non-Patchable/ Expired Version) , server mass deployment, Server Global Group Policy implementation and server OS vulnerability remediation. Core Technologies used in the team are Microsoft SCCM , Blade Logic, Satellite , Spacework , control M , Shell Scripting and KACE.

You will be responsible for Critical Linux server patches deployment within 30 days SLA, you will also be responsible for to reduce LINUX OS security vulnerabilities count. Candidates will be responsible to monitor and maintaining SCCM, Bladelogic client health and diagnosis. You will remediate LINUX servers fallout from OS security patching. You will be responsible to resolves customer escalations as appropriate. Candidates will demonstrate ability to work in a team environment and help each other during mass deployment task. You will analyse Kenna vulnerability report ,perform appropriate proper vulnerability remediation. Capable to work across functional team such as Vulnerability management , Cybersecurity, Application support team and DBA to address vulnerability. You will be able to create and modify Linux shell scripting to automate tasks and integrate solutions.

Successful candidates will have 5 to 7 years hands on related experience in IT system administration, troubleshooting, LINUX Server support/patching with Blade Logic, satellite, spacewalk or any other mass deployment tools. You will have Knowledge of enterprise security, vulnerabilities management and patching methodologies. You will have experience in LINUX OEL ,Redhat server OS. You will have strong background in virtualization technologies such as VMWare vSphere ESXi, Oracle VM desired. You will have experience with Oracle VM, WebLogic, and Oracle DB preferred. You will have extensive experience with Linux/Unix used in combination with enterprise storage solutions. It would be Desirable to have Professional Certs in Red Hat Certified System Administrator (RHCSA) and or Red Hat Certified Engineer (RHCE). It is important to note Candidates are required to adjust to work during weekend for patching activities or vulnerabilities remediation especially Friday-Sunday 12 hours shift(at least 2-3 weekends in a month). Otherwise, the standard working hour is Monday-Friday.

Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law.

Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers.

By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: http://en-gb/candidate-privacy