Current Vacancies

In addition to the roles shown below, we have a number of other positions which are not listed on the website for a multitude of reasons.

CERT - Security Analyst IDS Analyst Information Security Analyst - (Financial Sector) IT Forensic Analyst IT Forensic roles National Account Manager – IT Security Services PCI-DSS Auditor Penetration Tester

Senior Incident Response Analyst

To register send a copy of your CV to SecWizRec@SecurityWizardry.com

We have an ongoing need for Penetration Testers for various clients in London, Cambridge, South West and Berkshire.  Permanent and Contract opportunities
*** Penetration Test Account Manager (London) £34-£36k plus bonus ***
We also have a great opportunity for a Developer with an excellent understanding of Information Security and proven customer facing skills to break into the world of Penetration Testing (Cambridge or London).
 

Job Title:                     Penetration Tester
Reference No:             CNDW/0508/PEN   
Security Clearance:    SC preferred
Location:                    Bristol
Salary:                        £35k-£40k upwards + excellent benefits                            
Contract Type:            Permanent
Role Description:
Our client, a leading IT Consultancy is looking for an experienced and passionate Penetration Tester.  This is a special ethical hacking role where passion is more important than qualifications such as CEH or CISSP.
Salary will be dependant on your skills and the value that you bring to the team; it would be expected to be in the region of £30K to £45K. The role is all Pen Testing, you will not be doing other Infosec work without moving to another division, there will be plenty of variety and therefore you must be willing to travel, the work also includes travel to US security conferences such as Defcon and Shmoo.  For around the first 6 months you will be based in Bristol, after that you may be permitted to travel to clients sites and generate reports from home. You will be a member of a close knit and highly professional team with an exceptionally passionate ethos.  CHECK/Crest Team membership/leadership is desirable but certainly not essential.  Achieving CHECK/Crest Team Leader status is actively encouraged for team members.
Security Clearance (SC/DV) is not essential but must be achievable.
Essential Experience:
-  Extensive knowledge of Information Security and penetration testing
-  Good business judgement, a confident communicator with the ability to lead and enthuse others
-  Positive attitude
Flexible and mobile
Desirable:
- CEH or CISSP

Job Title:                     Information Security Analyst - (Financial Sector)   
Reference No:             CNDW/0508/MPLON   
Security Clearance:    n/a
Location:                    London
Salary:                        £35k 
Contract Type:            Permanent
Role Description:
^-  Obtain and retain Application Ownership information
^-  Perform and analyse results on Application Business Impact Analysis (using Sprint methodology)
^-  Perform Application Systems Access Reviews
^-  Assist in all areas of IS Awareness Programme, especially areas that will need to be measured, e.g. agreement of Security Policy for KRIs
^-  Administration of a Security Controls database retaining all required information on Ownership, Application security - technical and business related.
-  Possible assistance in obtaining and retaining information from Technical Security Reviews, though not analysing data
- Tracking and maintenance of any security exceptions raised and approved
^-  Assistance with ad-hoc security issues/work such as Audit issues
^-  Perform monitoring of selected critical systems
^-  Involvement in Security Incident Management Process
The above list is not exclusive or exhaustive and the post holder will be required to undertake such other duties as may reasonably be expected. All members of staff are required to be co-operative and flexible in line with the needs of the post and the department.

Job Title:                     PCI-DSS Auditor 
Reference No:             CNDW/0508/SPPCI   
Security Clearance:    n/a
Location:                    Cambridge
Salary:                        £35k-£40k upwards  
Benefits:                      Including; a variety of information security/forensic training courses; Support and sponsorship equating to 75% of MSc costs; Annual profit related bonus    
Contract Type:            Permanent
Role Description:
The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry-sanctioned requirements for improving payment data security. 
This is an exciting opportunity for an experienced Auditor / Assessor to join a progressive and fast growing computer forensics and Information Security company as a PCI DSS Auditor
-  Strong auditing background. 
-   Qualified Security Assessor (QSA)
-   Two (or more) years experience in PCI DSS or in other information security standards e.g. ISO 27001. 
-  Strong technical skills and knowledge of networks, encryption, etc. to enable thorough and accurate client auditing. 
-  The successful candidate will have strong interpersonal and customer-facing skills.
-   A strong investigative mindset and methodical & analytical thinking.
-  The nature of the work is highly confidential and candidates will be subject to a security clearance check
Essential Experience:
-  Two to three years experience in Information Security and Risk Management administration is required as well as a working understanding of Information Security principles and tools (Business Impact Analysis, Risk Assessment, etc)
-  Required to be reasonably confident, inquisitive, able to converse easily with all levels of seniority
-  Strong communication and influencing skills
-  Good presentation skills
-  Able to rely on own initiative as well as receiving guidance
Desirable Qualities:
The ideal candidate should have practical experience of business Information Security within a large enterprise environment and knowledge of Investment Banking is an advantage

Job Title:                    IT Forensic Analyst (2 posts available)
Reference No:            CNDW/0508/SPFOR 
Security Clearance:   n/a
Location:                    Cambridge (from Summer 2008, opportunities available in London)
Salary:                        £40k
Contract Type:            Permanent
Role Description:
An exciting opportunity for an experienced Forensic Analyst to join a progressive and fast growing computer forensics and Information Security company.  The successful candidate will provide support to the senior forensic investigation team by performing a variety of law enforcement and corporate sector investigations.  The nature of the work is highly confidential and candidates will be subject to a security clearance check.
Essential Experience:
3 years' or more practical experience of EnCase and FTK is required, along with WinHex and Helix. 
A strong investigative mindset and methodical & analytical thinking is required for this role, which will often require the successful candidate to work on their own initiative to investigate cases. 
Knowledge of ACPO guidelines, and working within those guidelines to ensure evidence continuity is highly desirable
Previous court experience is desirable. 
Knowledge of UNIX (Linux) is advantageous. 

Job Title:                     CERT - Security Analyst
Reference No:             CNDW/0408/MBJP   
Security Clearance:    n/a
Location:                    London - City
Salary:                        £60k upwards    
Contract Type:            Permanent
Role Description:
The role of the Computer Emergency Response Team (CERT) within the Bank is to effectively respond to information security incidents and proactively alert the firm of emerging threats to help mitigate the risk from such incidents. The CERT team reports to the Chief Data Protection Officer and Global Head of CERT, who’s central mission is to protect the information assets of the Bank.
Key Objectives of Role
- Act as Incident Response and CERT team member. This would include providing an intelligence gathering and analysis capability to determine the potential impact of new threats on the Bank environment.
- Provide forensic analysis and investigation of compromised (either confirmed or suspected) computers.
- Coordination and representation of CERT within the local region towards regional and business management
Responsibilities
- Review new security threats and vulnerabilities and liaise with platform groups to agree new actions to proactively mitigate risks.
- Assess reported security incidents from multiple sources.
- Respond to and issue security alerts to the platform/application communities within the firm.
- Regional coordinator for all regional CERT alerts 24/7.
- Log file analysis and risk assessment
- Forensic analysis of compromised (either confirmed or suspected) computers.
Essential Experience:  
Essential Technical Skills:
Detailed knowledge and experience of at least three core operating systems (Solaris, AIX, VMS, Linux, and Win2K). Some knowledge and experience of at least one other.
Knowledge and experience of TCP/IP networking
Detailed and up to date knowledge of hacking techniques, tools and trends
Detailed knowledge of Nessus, cgi­scanners, snort, FIRE, and EnCase.
Detailed knowledge of global security operations
Experience working as part of a Computer Emergency Response Team.
Essential Personal Skills:
Geographically mobile; project management; ambitious and self driven; lateral thinking; an inquisitive mind; persistent with an eye for detail; excellent management communication skills (PowerPoint / MIS / Analysis); team player
Preferable Technical Skills:
Effective communication skills (oral and written) and computer investigation and forensic techniques.
Experience Required:
Experienced in an information security technical role, Incident Response techniques and MIS / Statistical reporting
Detailed Technical Requirements: Available on request

Job Title:                     IDS Analyst - ongoing requirement
Reference No:             CNDW/1107/TELC10  
Security Clearance:    DV
Location:                    Belgium
Salary:                        €470 per day, inclusive of expenses    
Contract Type:            3 month, with extension
Role Description:
The Security Analyst is a technical engineer with an advanced security track record and a proven experience with the management of security incidents.
This person would work in a security operating centre during the business hours and will spend his time with the following activities:
- looking at the security dashboard of the "Security Incident & Event Management" tool, (Arcsight)
- have the ability to analyse and intepret effectively the information provided by multiple sources, including Firewalls, routers, Syslog, Host and Network based IDS/IPS and Anti Virus
- dig into the incident to find the root cause
- be able to analyse the packet capture to understand what is going on
- have advanced knowledge about the functioning of a firewall, a network intrusion prevention system, a host intrusion prevention system, windows & Unix operating system specificities
- Have a thorough working knowledge of TCPIP and have the ability to analyse PCAP or packet capture files. 
The Analyst will have to work in a highly confidential and closed environment.
Essential Experience:  
The successful candidate must have the skills and experience outlined above and must hold valid national/NATO security clearance.

Job Title:                     National Account Manager – IT Security Services
Reference No:             CNDW/0108/SPACC 
Security Clearance:    n/a
Location:                    Cambridgeshire
Salary:                        Salary plus Commission.  £ negotiable + uncapped commission   
Contract Type:            Permanent
Role Description:
An opportunity to work in a fast evolving IT sector for a progressive company with a broad range of high quality, high value Information Security services.
The role involves dealing with new and established accounts, optimising the performance of each account with regards to our client’s consultancy and training services.
The National Account Manager position is integral to the achievement of group targets, and high performance is rewarded accordingly.
Essential Experience:
The successful candidate will boast exceptional communication and account management skills.
They will also have substantial experience within an IT security services sales environment, particularly in any of the areas of Penetration Testing, Computer Forensics, PCI DSS or ISO 27001.

Job Title:                    Senior Incident Response Analyst
Reference No:            CNDW/0208/SPQ10 
Security Clearance:   not required
Location:                    Doha, Qatar      
                                   Please note; this position is a National post within Qatar and not for a Western Government
Salary:                        £ negotiable  
Contract Type:            Permanent
Role Description:
As a member of the Incident Management Team, perform tasks related to: proactive measures to counter information security compromise, including collation, analysis and dissemination of vulnerability and threat information relating to the region; reactive measures post-compromise, including practical response to system/network attack.
Essential Experience:
Oral fluency, comprehension and writing skills in both English and Arabic for the preparation of vulnerability, threat and incident reports, together with website information material.
Degree or Doctorate in a computer science related subject with subsequent related and relevant experience in the information security field. Equivalent practical experience and professional qualifications will be considered in place of academic qualifications.
Broad technical knowledge of internet protocols, security technologies, common attacks against systems/networks and operational details of multiple operating systems. Prior experience in system/network administration and in one or more programming languages would be an advantage.
Ability to identify and ensure the timely delivery of critical information to internal analysis teams, sponsors, customers and other interested parties.
Analytical skills to assess incident severity, technical nature and impact, leading to allocation of resources to handle the incident appropriately.
Inter-personal skills to work with both local and regional governments, businesses and vendors to generate and develop reporting and liaison communication links.
Temperament to work as part of a multi-skilled, international team, learning and developing techniques to meet new vulnerabilities and threats.
Willingness and patience to train and mentor junior staff.
Work ethic accepting flexible hours, including occasional out of normal working hours, as operational requirements dictate.
Ability to generate, develop and improve incident management processes and procedures.
Ability to recognise and deal appropriately with confidential and sensitive information.
Ability to pass a background investigation
Willingness to travel locally and internationally

We have a variety of IT Forensic roles available including:
IT Forensic Assistant (Cambridgeshire) - a junior role which would suit a Computer Science graduate, intensive training package also included
Public Sector Forensics Account Manager (London) - may suit a candidate with a background in the Police Hi-Tech crime units.
CERT - Security Analyst (London) - detailed above
IT Forensic Analyst (Cambridge) - detailed above

To Apply:  If you are interested in any of the above roles please send your CV and covering letter in the first instance to
SecWizRec(@)SecurityWizardry.com
Unless otherwise specified candidates must be eligible to live and work in the UK