Your current job search

DV Cleared SOC Engineer | Corsham - full time (will involve shift work) | 6 months | PAYE/Inside IR35

Clearance Required: DV - sole UK National

We're looking for a SOC Analyst to be at the forefront of Technical automation and pushing into a Next-Gen SOC.

This role proactively monitors the IT infrastructure for security incidents and participates in security incident investigation and resolution.

We need a highly motivated candidate, with a good IT background and have a desire to work in Cyber Security. A self-starter who works effectively with instruction but under minimal supervision in a highly dynamic environment. It is expected that the successful candidate will have a solid background in IT infrastructure with an understanding of computer networking and server architecture, ready to take the next step in Cyber Security.

You will:

* Work alongside other cyber professionals who are focused on pushing our Cyber capabilities further.
* Work with Senior SOC Engineer to undertake monitoring, analysis, and incident resolution activities
* Continually Improve the SOC configuration and automation
* Support addition of new rules for the product against emerging client scenarios/priorities
* Support wider test and assurance activities

Required Skills:

* Experience in the secure elements of service delivery
* Ability to quickly pick up new technologies (ie MASH)
* Experience in Microsoft Server Technologies
* Experience in SIEM/SOAR activities, such as log gathering, Event monitoring, Incident alerting
* Information Assurance Principles
* Public and/or Private Azure
* Vulnerability Management Tooling

If you have the required skills needed, please apply with your CV at first instance.

Engineer - Product Security Analyst

Inside IR35 rates up to £675 per day

Hybrid with average 3 days on site a week in Frimley, Surrey

Requires Active SC clearance

Overview:

Jefferson Frank are looking for 4 Product Security Analysts to engage on a contact basis with one our established Public Sector clients.

Required Skills:

* Former CLAS consultant
* Strong experience of developing Risk Management Accreditation Document Set (RMADS).
* Current CISSP or CISM qualification
* Strong background in HMG and MoD Policies, SPF, JSP440, JSP 604, and TEMPEST
* Proven experience of assessing and managing information risk in line with industry good practice.
* Proven experience of applying Product Security/Information Security concepts to applicable technologies within the environment (or similar). Experience of Product Security Engineering activities in the defence, maritime or closely linked domain.

Also:

* Developing Risk Management Accreditation Document Set (RMADs)
* Performing risk assessments using multiple methods including IS1, ISO27001, NIST, Mitre, STRIDE.
* Selection of security controls, providing guidance on implementation and capture of compliance.
* Attendance at Security Working Groups (SWGs), design reviews and gate reviews
* Be able to contribute and influence the development of Product Security strategies, policies, guidance, good practices and awareness.
* Be able to recommend appropriate controls to mitigate identified risks in line with government and MOD policies and good practice, to provide more cost effective risk mitigation in the longer term.

If you'd like to hear more apply or contact me directly on 0203 826 6696 / o.lawton@jeffersonfrank.com

SC Cleared Product Security Analyst | 12 months | Inside IR35 | Remote/3 days on site - Surrey

Jefferson Frank are proud to be supporting a London based consultancy who are looking for a Product Security Analyst.

Active Security Clearance is required!

You will be a focal point for security and information risk matters within the Product Security Engineering (PSyE) team and will be able to apply their deep level of subject matter expertise and experience to ensure that submarine systems and products are delivered and can be managed and supported through-life.

As a PSA you will provide subject matter expertise and advice to other functional and capability areas to support overall project delivery and performance and advice and consultancy to design authorities and interested stakeholders.

Skills required:

* Developing Risk Management Accreditation Document Set (RMADs)
* Performing risk assessments using multiple methods including IS1, ISO27001, NIST, Mitre, STRIDE.
* Selection of security controls, providing guidance on implementation and capture of compliance.
* Attendance at Security Working Groups (SWGs), design reviews and gate reviews
* Be able to contribute and influence the development of Product Security strategies, policies, guidance, good practices and awareness.
* Be able to recommend appropriate controls to mitigate identified risks in line with government and MOD policies and good practice, to provide more cost effective risk mitigation in the longer term.

Knowledge and Experience:

* Former CLAS consultant
* Strong experience of developing Risk Management Accreditation Document Set (RMADS).
* Current CISSP or CISM qualification
* Strong background in HMG and MoD Policies, SPF, JSP440, JSP 604, and TEMPEST
* Proven experience of assessing and managing information risk in line with industry good practice.
* Proven experience of applying Product Security/Information Security concepts to applicable technologies within the environment (or similar). Experience of Product Security Engineering activities in the defence, maritime or closely linked domain.

If you have the skills required, please apply with your CV at first instance

Threat Intelligence Analyst
Base Location: Corsham
ASAP
Duration: 6 months + extension
PAYE/Inside IR35
Clearance Required: DV - sole UK National

Position Description:
You will use cutting edge Threat Intelligence tooling and work alongside like-minded professionals in the Threat Intelligence field to provide high quality intelligence to our clients. Our Global Company provides opportunities to work and learn from other intelligence teams across the globe.

All members of the Threat Intelligence team receive a comprehensive training plan and industry accredited training courses aligned to their PDP each financial year. Excellent prospects to develop your career. Each year you will be encouraged to spend time on Corporate Social Responsibility projects of your choice, supporting the local community.

Your responsibilities:

* Collect and analyse data from a variety of sources to track threat actor activity
* Building and maintaining client relationships in order to manage Client Intelligence Requirements.
* Use of Threat Intelligence tooling to manage intelligence alerts against a client's threat, vulnerability and brand reputational risks.
* Analysis and reporting of intelligence events that may impact the confidentiality, integrity or availability of a client's business operations.
* Carrying out research to identify emerging threat actor operations.
* Liaising and working with other teams within Security Operations such as DFIR, SOC, Vulnerability analysis and security engineering.
* Maintain the content of our intelligence reporting repository
* Assist in developing junior members of the team

Required qualifications:

* Excellent written and communication skills for producing high quality intelligence reports
* Experience with carry out Open Source intelligence gathering and source verification
* Research skills and the ability to think critically and contextual intelligence analysis
* Experience with exploring the Dark web
* Familiarity with common techniques used by malware and threat actors and the MITRE ATT&CK framework.
* Experience with various Cyber Security technologies such as TIP's, SIEM, SOAR etc
* Practical Knowledge of static and dynamic malware analysis
* Working knowledge of network protocols
* Highly motivated and passionate about intelligence analysis
* Identify and manage intelligence sources to provide a holistic view of the threat landscape
* Understand the credible adversary groups associated, tactics, techniques and procedures
* Guides decision making within the organisation, supporting with tactical and operational assessment
* Security Operations Center
* Threat Risk Assessment
* Vulnerability Assessment (IAVA)

If this role is of interest and you have the required skills, please apply with your CV at first instance.

SOC Engineer
Location: Corsham - full time
Start: ASAP
Duration: 6 months
PAYE/Inside IR35
Clearance Required: DV - sole UK National

Jefferson Frank's Public Sector team are looking for an Cyber Consultant to join our client's team based in working in Corsham. The SOC Engineer will be, leading on the analysis and blocking of security threats. You will be creating creating and maintaining design and support documentation.

Work with Senior SOC Engineer to undertake monitoring, analysis and incident resolution activities
Continually Improve the SOC configuration and automation
Support addition of new rules for the product against emerging client scenarios/priorities
Support wider test and assurance activities

Skills:

* Track record in the secure elements of service delivery
* Track record in SIEM/SOAR activities, such as log gathering, Event monitoring, Incident alerting
* Track record in Microsoft Server Technologies
* Incident Response
* Security Operations Center

If you have the skills listed above and you're interested, please apply with your CV at first instance.