Cybersecurity Risk Analyst
On site
London, United Kingdom
Freelance
19-02-2025
Job Specifications
Cyber Vulnerability Management Analyst
Fixed Term Contract (Maternity Cover) 18 months
Our Client is a globally recognised, successful bank who provide world-class services to various institutions and individuals. Offering a comprehensive range of retail and corporate financial services/products, this thriving business boasts over 10 million active customers in over 700 business locations. Due to business requirements, we are now looking to acquire the services of an experienced Senior Compliance Officer, Monitoring & Assurance.
Please note that this is a hybrid role with 3 days in the office and 2 days working from home.
Key Responsibilities:
In this fixed term contract role, you will be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals.
The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very closely with all third-party vendors involved in the remediation process. The job holder will also prepare the necessary MI/Dashboard reports for the relevant stakeholders and alleviate the workload of the IT Service desk function when required.
The primary responsibilities of the role is to perform daily assessment of vulnerabilities identified by internal and external scans. Evaluate, risk assess and rate the results of the scan, prioritise all vulnerabilities discovered and remediate/patch within the established remediation timeline(s)/SLA. The role also requires the job holder to work closely with the SMEs/vendors of the relevant systems. Understanding of cloud technologies such as Azure/Amazon Web Services and Oracle Cloud Infra is essential.
Key Skills/Experience:
Essential: Bachelor’s degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications
Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR)
CISM/CISSP
Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout
Vulnerability Scanning Tool e. Tenable One, Qualisys
Knowledge of vulnerability scoring systems (CVSS/CMSS)
Incident/Response & Forensic Management Skills
IT Technical Admin Support - Azure, Oracle Cloud Infrastructure (OCI Cloud)
Microsoft Windows Support & administration, CE+, ISO27001
Email and Information Security Filtering/Monitoring Solutions, Egress
Hands on experience on Linux and Mac Administration Support
Good understanding of Windows and Linux patching
About the Company
www.thecurvegroup.co.uk At The Curve Group we create extraordinary solutions that transform working lives by supporting organisations to design, develop and elevate Recruitment and HR functions. Through expert analysis, benchmarking, consultancy and delivery services, we provide solutions across the entire employee lifecycle to enable better attraction and retention of talent. If you’d like to talk to us today about your plans and ambitions or to get fresh ideas and solutions to your current challenges, get in touch ... Know more
Related Jobs
- Company Name
- ARC IT Recruitment
- Job Title
- Information Technology Security Engineer
- Job Description
- IT Security Operations Engineer London/Hybrid Up to £650 a day, inside IR35 6-9 months contract CISSP, AZURE, TVM, PAM, IAM, DLP IT Security Operations Engineer is required on a contract basis by thriving financial services organisation based in the City of London. You will be responsible for both maintaining and improving security controls, frameworks and processes, and supporting the delivery of new technology that improves our security posture and protects our business. You will be required to support the team in ensuring resilient, dependable security services are delivered across the entire estate and in all regions. You will be working with leaders in IT, Security, Information Security Risk, alongside key suppliers to ensure that the services we provide meet the current and future needs of the business. Responsibilities: Working within the existing IT Security operations/engineering functions. Manage relationships and the performance of outsourced security providers. Ensure BAU security operations services are managed with efficiently in line with any SLA’s. Delivery of IT Security services including (but not limited to) - Security Operations, Threat and Vulnerability Management, Privileged Access Management, Identify and Access Management, Data Loss Prevention, Network Security and Penetration Testing. Act as lead SME on IT and Cyber Security Improvement Projects. Play an active role in IT projects and operational processes (e.g., change management, exception management) to assess from an IT security standpoint IT projects, changes and exceptions. Manage IT Security Incidents including forensic investigations. Provide direction and guidance acting as an SME on IT security matters, closely supporting our infrastructure and architecture colleagues. Oversee and operate security controls (process & tools) to safeguard the security (integrity, confidentiality and availability) of all IT Systems in line with the expectations of a top tier global financial institution. Aligned to frameworks such as ISO27001/NIST. Demonstrate that security controls are effective and therefore are compliant with policy defined by InfoSec second line. Support and assist in the coordination and delivery IT Governance, Due Diligence and Audit activities. Deliver technical security reviews to ensure technologies follow information security standards, regulatory requirements and best practices. Support architectural review processes, risk management and the quantification of technology risks. Experience: Significant experience in similar security operations roles. Industry recognised technical certifications such as CISSP, TOGAF CCSP, GCIH or other equivalent certifications. Deployed, configured and managed infrastructure and the security of Microsoft cloud environments. Experienced in a broad range infrastructure and security solutions to protect the business. Including SIEM/SOAR. Proven experience of designing top to bottom systems/solutions with focus on all aspects of Security (Network, Infrastructure, Access, Cloud Services, Controls, and SecOps). Knowledge and experience of cloud specific security challenges, designs and solutions. Demonstrated involvement in major IT/cloud transformation initiatives, with the ability to navigate the complexities and ensure security considerations are integrated throughout. Knowledge and experience of security standards, procedures, reviews and automation. For a full consultation on this exciting new contract opportunity, please get in touch with ARC IT today!
- Company Name
- Dabster
- Job Title
- Network Security Engineer
- Job Description
- About Us: At Dabster, we specialize in connecting top talent with leading global companies. We are currently seeking experienced Network Security Engineer to join our client's team in Newport, UK. Our mission is to be the foremost recruitment specialist in securing exceptional talent for a diverse range of global clients. Job Description: Responsibilities: Implement and support security solutions that meet corporate security requirements. Configure and troubleshoot network firewalls to ensure optimal network security. Work closely with Security team partners/Business Relationship Managers, Field IT leadership and managed service suppliers to ensure successful identification and timely delivery of network security services to the business. Drive and develop automation opportunities for the management of security infrastructure Manage and maintain our firewall systems to ensure optimal performance and security. Analyze and proactively come up with creative solutions for operational needs that present security challenges. Manage and maintain security systems by applying system patches and other periodic maintenance tasks. Create and maintain standard operating procedures and guides for new and/or existing security solution implementations. Regularly communicate progress to company leadership and program collaborators Attend weekly teleconferences, meetings, and participates in working groups, as related to constant changing security environment. Zero Trust Network Policy (Micro Firewall & Network Security rule design and administration across multiple platforms For this role we are looking for someone who has: Proven experience working in a security team. Extensive experience with network security design, firewall management, and intrusion detection. Deep experience in deploying application-based firewalls (Palo Alto, Fortinet or similar) on premise or in cloud base services (Prisma, Zscaler or similar), and SSL inspection techniques. Proficiency in multiple security technologies, including network security, NGFW, NAC, network segmentation, network security architecture. Solid knowledge and working experience with Layer 2-7 protocols and technologies Solid understanding and troubleshooting experience with routing, security protocols, ACLs, Firewalls, WAF, and Intrusion Prevention Systems Experience with open-source network scanning tools Excellent communication and interpersonal skills including the ability to build consensus and to present complex presentations Basic knowledge with one or more scripting languages Certifications – PCNSA or similar, CISSP or similar, SANS GCIH or similar What We Offer: • Competitive Rate • Opportunity to work with a leading company • An opportunity to be part of impactful projects that shape the future of the industry. How to Apply Apply by submitting your resume today, showcasing your relevant experience and passion for the position via LinkedIn Easy Apply or directly to vijaya.lakshmi@dabster.net
- Company Name
- Spencer Rose
- Job Title
- Senior Security Architect
- Job Description
- Senior IT Security Architect (On-Prem) Contract - Long term contract basis (Potentially up to 2 years) Day rate - £800 per day (Inside IR35) Hybrid working - x2 days per week in office (London) Spencer Rose are partnered with a leading Financial Services organisation who are on the look out for a Senior Security Architect on a contract basis. Within this role, the Senior Security Architect will be responsible for implementing the Security Architectural design across their on-prem, windows server infrastructure estate. The Senior Security Architect will have the following responsibilities - Building security into infrastructure and architecture designs Work with Security Engineers and the Operations team with regards to the management of vulnerabilities, risks and remediation methods To identify new security threats and asses the effectiveness of current controls to pinpoint opportunities for program improvement The Senior Security Architect will need to have the following skills/experience - Must have at least 6+ years Security Architecture experience Must have recent experience building security into On-Prem Infrastructure Must have experience working within Banking, Financial Services or Insurance Ideally have experience across the following - SIEM, Vulnerability Management, DLP, PAM, IDAM & Endpoint Protection Previous experience conducting risk assessments and threat modelling
- Company Name
- undisclosed
- Job Title
- Network Engineer
- Job Description
- Role Title: NSR - Network Engineer Location: Barrow In Furness Fully Onsite Duration: 29/08/2025 Clearance required: Active Security Clearance is essential Role purpose / summary We have an exciting opportunity to join our client as a Network Engineer supporting a variety of Private & Public sector clients within our vast portfolio. Our Network Operations Centre (NOC) provides support at all levels for a multitude of technologies across complex landscapes, providing expertise to deliver a stable, secure, efficient and well managed infrastructure, over the full lifecycle of each solution. The strength of our NOC lies within our people, fostered by a supportive team culture. Key Skills/ requirements As an integral part of a Network Operations Centre, you’ll have fantastic opportunities to develop both yourself and our collective capabilities performing RUN activities with other likeminded Network Analysts. As part of the team, you’ll be empowered to: Perform Level 2/3 Network incident diagnostics/resolution. Network change & request implementation Continue to strengthen and bolster your existing capabilities through a mix of professional training, certifications, and experiences. Your skills and experience Experience supporting enterprise networks with valid networking technical certifications demonstrating proficiency. Experience of supporting (Enterprise) Wi-Fi technologies including Cisco WLC or others Understanding of Cisco ACI software defined networks (multi-site & multi-pod) Experience of Network management tools like SolarWinds, or similar Experienced in supporting Firewalls (Palo Alto, Checkpoint, Cisco Firepower, Cisco ASA & AnyConnect Remote Access) Experience and understanding of networking protocols (e.g., IPSEC, HSRP, BGP, OSPF, EIGRP) Good working knowledge of ITIL processes. All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!