Cyber Security

Cyber Security

Glocomms: A Specialist Cyber Security Talent Partner

Glocomms operates in the Cyber Security sector, a crucial domain as the need for adept professionals escalates in companies of all sizes. The UK, a hotspot for Cyber Security expertise, is experiencing a growing demand for these roles, underscored by an expanding skills shortage.

Predictions suggest that the number of open Cyber Security roles will only increase further, solidifying the value and longevity of these positions. The current shortage of skilled Cyber Security professionals in the EMEA region sits at 317,000, highlighting that demand continues to outstrip supply.

As specialists based in the City of London, Glocomms' consultants are committed to bridging this gap, sourcing top-tier talent for Cyber Security roles throughout the UK and Europe. Our services are dedicated to addressing this growing need, further securing the digital landscape for businesses across scales and sectors. Request a call back to hear more about our hiring solutions.

If you're a Cyber Security professional, please register your CV.

Register your CV

If you're looking for Cyber Security talent, please register your vacancy today.

Register your vacancy
or
Request a call back

Benefits of working with us

Our Cyber Security talent specialists help growing technology businesses source the right go-to-market strategy talent, manage the recruitment process, and facilitate onboarding. With multi-lingual language support, we provide international recruitment expertise to secure business-critical talent across Europe.

Our recruitment benefits

Experience

We have a decade’s worth of Cyber Security experience as a leading technology talent partner.

Network

A vast, global network of the best, in-demand Cyber Security talent.

Knowledge

Our award-winning talent specialists offer bespoke, tailored guidance on the latest hiring trends.

At Glocomms, we are dedicated to cultivating enduring partnerships grounded in trust, honesty, and shared prosperity. Our commitment lies in delivering bespoke solutions that align with your unique business requirements and Cyber Security recruitment preferences. Whether you seek immediate placement for pivotal roles or aspire for long-term strategic talent acquisition solutions, our arsenal of resources and expertise ensures successful outcomes. Share your vacancy with us today.

Looking to hire? Request a call back

Cyber Security Jobs

At Glocomms, we're excited about the future of Cyber Security. We encourage you to visit our Cyber Security Jobs to explore the cutting-edge roles we're filling in this transformative sector. Shape tomorrow's tech world with us; your future begins at Glocomms.

Cloud Security Engineer

Job Summary: As a Cloud Security Engineer, you will support the security of cloud environments across AWS, GCP, and Azure. This includes identifying and mitigating security risks, using cloud-native security tools, and managing security solutions. You will work with various teams to integrate security into the software development lifecycle, maintain threat models, ensure compliance with security and regulatory requirements, and respond to security queries from clients and partners. Familiarity with cloud security platforms like CNAPP, CSPM, CWPP, CASB, CIEM, and the Wiz tool is beneficial. Responsibilities: Experience with cloud security in AWS, GCP, and Azure. Deploy and manage cloud-native security tools. Monitor and enforce security using platforms like CNAPP, CSPM, CWPP, CASB, and CIEM. Use the Wiz tool for security posture management. Enhance security solutions and maintain security posture. Integrate security into the software development lifecycle. Develop and maintain threat models. Collaborate with stakeholders to minimize security risks. Ensure compliance with security and regulatory requirements. Respond to client and partner security queries. Other duties as assigned. Qualifications: B.A. or B.S. in Computer Science or a similar field, or equivalent experience. 5+ years of Cloud Information Security experience with AWS, GCP, and Azure. Security certifications like AWS Security, CISSP, CISA, or OSCP are a plus. Experience in security reviews of cloud applications. Up-to-date knowledge of cloud security advisories and vulnerabilities. Strong communication skills and attention to detail. Familiarity with AWS services and cloud security platforms. Knowledge of IaC tools like Terraform/CloudFormation is a plus. Proficiency in Python and basic Java for cloud security scripting. Team-oriented with a passion for cloud technology.

Negotiable
Tysons Corner
Apply

Lead Threat Detection Security Engineer

Glocomms is partnered with a successful real estate technology and data analytics company to find an exceptional Security Engineering Lead focused on Threat Detection and Incident Response. Our client's products include over 75 web applications with a centralized security team, offering a dynamic and challenging environment for cybersecurity professionals. This hybrid role is based in San Diego and will require onsite presence on Tuesday, Wednesday, and Thursday. Candidates should have a strong understanding of security in a web application landscape and be eager to grow as a hands-on leader. Key Responsibilities: Lead and mentor a team of highly skilled security engineers, fostering a culture of innovation and excellence in threat detection and response. Develop and implement cutting-edge threat detection strategies and technologies, utilizing tools such as Splunk, Snort, and CrowdStrike. Collaborate with cross-functional teams, including software development, IT, and data analytics, to integrate robust security measures throughout the software development lifecycle. Analyze and respond to security incidents with precision and urgency, leveraging platforms like ThreatConnect and Nessus. Conduct regular security assessments and comprehensive audits to identify vulnerabilities and provide actionable recommendations. Stay ahead of the curve by keeping abreast of the latest threat intelligence, security trends, and emerging technologies. Design and execute hands-on threat detection and response activities, ensuring the implementation of best practices. Develop and maintain security documentation, including incident response plans, playbooks, and standard operating procedures. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field; advanced degrees or certifications (e.g., CISSP, CISM) are a plus. 5+ years of hands-on experience in security engineering, with a strong focus on threat detection and response. Proven leadership experience in managing and mentoring security teams, with a track record of driving successful security initiatives. Deep knowledge of security frameworks, tools, and technologies, including SIEM, IDS/IPS, and endpoint protection. Exceptional problem-solving skills and the ability to thrive under pressure in a fast-paced environment. Outstanding communication skills, capable of articulating complex security concepts to both technical and non-technical stakeholders. Benefits: Competitive salary with performance-based bonuses and incentives. Comprehensive health, dental, and vision insurance plans. Flexible work schedule with hybrid work options to support work-life balance. Opportunities for professional development, including training, certifications, and conferences. A collaborative, innovative, and inclusive work environment that values diversity and encourages creativity. This is a full time, direct hire position; candidates seeking C2C/C2H engagements cannot be accommodated. Resumes must include full name (first & last) and valid contact information in order to be considered. The client is unable to offer visa sponsorship at this time.

US$175000 - US$245000 per year
San Diego
Apply

Senior IT Security Engineer

Location: Stamford, CT Environment: Office (5 days/week) Glocomms is partnered with a leading clean energy company based in Stamford, CT, seeking a highly skilled and experienced Lead Security Engineer / IT Manager to oversee and enhance the company's IT security infrastructure and manage overall IT operations. This role is responsible for ensuring the security of systems, networks, and data, while also managing IT resources and projects. Key Responsibilities: Leads the development and implementation of comprehensive IT security strategies and policies. Manages and secures cloud environments, with a focus on Microsoft Azure, ensuring robust protection of cloud-based assets. Designs and maintains secure access and authentication mechanisms, including multi-factor authentication (MFA) and single sign-on (SSO) solutions. Oversees the security of various operating systems (Windows, Linux, etc.), ensuring they are up-to-date and protected against vulnerabilities. Utilizes scripting languages such as Python and PowerShell to automate security tasks and enhance system monitoring and response capabilities. Implements and manages advanced threat detection systems, conducts regular security assessments, and responds to security incidents promptly. Ensures the security of network infrastructure, including firewalls, VPNs, and intrusion detection/prevention systems. Ensures compliance with relevant regulations and standards (eg. ISO, GDPR), and conducts risk assessments to identify and mitigate potential security threats. Oversees the day-to-day operations of the IT department, including managing IT staff, budgets, and projects. Ensures the reliability and performance of IT infrastructure, including servers, networks, and applications. Manages relationships with IT vendors and service providers to ensure the best value and service quality. Works closely with IT, development, and operations teams to integrate security best practices into all aspects of the company's technology environment. Qualifications: Bachelor's degree in Computer Science, Information Technology, or a related field. Minimum of 5 years of experience in IT security and IT management, with a focus on cloud security, access management, and threat detection. Proficiency in Microsoft Azure security tools and services. Strong knowledge of access and authentication protocols, including MFA and SSO. Experience with operating systems security for Windows and Linux. Proficiency in scripting languages such as Python and PowerShell. In-depth understanding of networking security principles and technologies. Excellent problem-solving skills and the ability to work under pressure. Strong communication and leadership skills. Preferred Certifications: Certified Information Systems Security Professional (CISSP) Microsoft Certified: Azure Security Engineer Associate Certified Ethical Hacker (CEH) CompTIA Security+ Why Join Us: For our client, the commitment to driving innovation in the clean energy sector is paramount. The Lead Security Engineer will play a crucial role in protecting the technology infrastructure, ensuring the security of operations, and managing IT resources. This position offers the opportunity to join a mission to create a sustainable future through cutting-edge technology and renewable energy solutions.

US$140000 - US$180000 per year
Stamford
Apply

Senior Offensive Security Engineer

We're partnered with a leading real estate data analytics company to bring on an Offensive Security Engineer with a senior level skillset. This role focuses on securing the client's information, analytics, and online marketplaces. The ideal candidate will lead red, blue, & purple team engagements to enhance both internal and external security measures. You will be responsible for identifying and exploiting vulnerabilities in their infrastructure and applications, while collaborating with senior management to strengthen our overall security framework. This position offers a flexible hybrid work schedule. Responsibilities: Conduct offensive security activities including red teaming, penetration testing, and vulnerability research. Perform adversary emulation and red team engagements to test and improve defensive blue team capabilities. Collaborate on purple team activities to enhance threat management strategies. Identify and exploit vulnerabilities in CI/CD systems and Active Directory environments. Develop and execute payloads and exploits using C/C#/C++. Utilize security tools such as NMAP, Burp Suite, Kali Linux, and Bloodhound. Operate C2 frameworks like Cobalt Strike, Sliver, and Mythic. Work with EDR systems to detect and respond to security incidents. Stay updated on the latest trends, techniques, and tools in offensive security. Provide detailed reports and presentations to senior level management on findings and recommendations. Qualifications: Bachelor's Degree in Computer Science, Cyber Security, or a related field. 6+ years of proven experience in offensive security activities, including red teaming, penetration testing, and vulnerability research. Strong knowledge of scripting/programming languages such as Bash, Python, and PowerShell. Proficiency with security tools (NMAP, Burp Suite, Kali Linux, Bloodhound) and C2 frameworks (Cobalt Strike, Sliver, Mythic). Expertise in Windows Active Directory exploitation. Experience with payload and exploit development in C/C#/C++. Familiarity with EDR systems. Relevant security certifications (OSEP, OSCP, CRTO, GXPN). Ability to work effectively in a hybrid schedule environment. If you or someone you know is interested, please apply in directly!

US$170000 - US$200000 per year
Arlington
Apply

Cloud Security Engineer

Cloud Security Engineer Join a forward-thinking team responsible for advancing DevSecOps practices, implementing a "cloud-first" security strategy, and driving enterprise-level Information Security, Risk Management, and Business Continuity programs. Key Responsibilities: Design and implement security architecture in AWS environments. Collaborate with DevOps and Infrastructure teams to integrate security into CI/CD pipelines. Deploy security guardrails, policies, and tooling in AWS. Conduct AWS best practice assessments and implement automation solutions. Maintain and enhance cloud security tools and processes. Translate compliance and security requirements into actionable deliverables. Perform threat remediation in cloud environments. Requirements: Bachelor's degree in Computer Science, Information Security, or related field. 5+ years of cloud security experience, primarily in AWS. Proficiency in AWS services (IAM, VPC, CloudTrail, CloudFormation, Lambda) and security tools (e.g., GuardDuty, Security Hub). Familiarity with frameworks like CIS, NIST, and tools such as Terraform and scripting languages (Python, Bash). Relevant certifications (e.g., AWS Certified Security - Specialty, CISSP) are a plus. Experience with vulnerability and container security management. What We Offer: Time Off: 25 days of PTO and 12 company holidays. Insurance: Comprehensive health, life, and disability coverage. Savings & Retirement: 401(k) with company match, Health Savings Accounts, and more. Growth: Opportunities to stay at the cutting edge of cloud security trends.

US$150000 - US$170000 per year
New York
Apply

Cloud Security IAM Engineer - Dallas

Location: Dallas, TX Environment: Onsite (5 days/week) Glocomms is partnered with a dynamic business enablement company that is dedicated to empowering organizations through cutting-edge technology solutions. The company is seeking a Senior Cloud Security Engineer with a specialized focus on Identity and Access Management (IAM) to enhance the security and efficiency of its cloud infrastructure. The Senior Cloud Security Engineer (IAM) will be a key player in the design, implementation, and management of the company's IAM framework, with a strong emphasis on AWS. This role involves working extensively with AWS, Entra ID, and Active Directory to establish and maintain robust identity and access controls. The ideal candidate will possess a comprehensive understanding of IAM technologies and protocols, and will be instrumental in protecting the company's digital assets and ensuring compliance with security standards. Key Responsibilities: Architect, deploy, and manage IAM solutions leveraging AWS, Entra ID, and Active Directory. Develop and enforce comprehensive IAM policies, procedures, and standards to ensure security and compliance. Integrate IAM solutions with a wide range of AWS services and applications, including Identity Governance and Administration (IGA), Privileged Access Management (PAM), and other security tools. Monitor, troubleshoot, and resolve IAM-related issues within the AWS environment, ensuring minimal impact on business operations. Collaborate with IT, security, and business teams to define and implement IAM strategies, best practices, and roadmaps, with a focus on AWS. Conduct regular security assessments, audits, and penetration tests to identify and mitigate vulnerabilities in the AWS environment. Stay current with the latest AWS IAM technologies, trends, and best practices, and recommend enhancements to existing systems. Provide expert technical guidance and mentorship to junior engineers and other team members on IAM-related projects and initiatives. Lead and participate in IAM-related incident response and forensic investigations. Prepare and present detailed reports on IAM activities, risks, and improvements to senior management. Primary Requirements: 5+ years of experience in IAM, with a strong emphasis on AWS, Microsoft Entra ID, and Active Directory Domain Services. Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Deep knowledge of IAM protocols and standards, including SAML, OAuth, OIDC, LDAP, SCIM, REST API, and Kerberos. Proven experience with IGA and PAM solutions. Proficiency in Linux operating systems and scripting languages (e.g., Python, Bash). Strong analytical, problem-solving, and decision-making skills. Excellent communication, collaboration, and leadership abilities. Relevant certifications (e.g., AWS Certified Security - Specialty, Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP)) are highly desirable. Experience with security frameworks and compliance standards (e.g., NIST, ISO 27001, SOC 2) is a plus. Additional Keywords: IAM, AWS, Entra ID, Active Directory, IGA, PAM, Linux, SAML, OAuth, OIDC, LDAP, SCIM, REST API, Kerberos, Python, Bash, NIST, ISO 27001, SOC 2. Does this sound like you? Interested candidates are encouraged to submit a detailed resume highlighting their qualifications, experience, and relevant certifications. Resumes must include candidate's full name and contact information in order to be considered.

US$120000 - US$160000 per year
Dallas
Apply

SOAR Engineer

Security Operations Detection Engineer We are seeking an experienced Security Operations Detection Engineer to join our team. This role is responsible for the architecture, engineering, and automation of in-house security platforms, including Microsoft Sentinel SIEM and associated SOAR tooling. You will work closely with various IT teams to optimize log ingestion, data enrichment, and alerting to improve security operations. Key Responsibilities: Deploy new detections and automations within the SIEM/SOAR platform. Create and implement SIEM content such as rules, alerts, and dashboards. Improve analytics and reduce false positives through regular assessments and tuning. Design automation for alert enrichment and response actions. Partner with teams to enhance security monitoring across business applications. Manage and maintain Security Operations tooling and incident response processes. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field. 3+ years in a security-related engineering role with 2+ years of SIEM/SOAR experience. Deep knowledge of Microsoft Sentinel, Defender, and other security tools. Strong automation skills with Terraform, KQL, Python, PowerShell, and Microsoft Power Apps. Familiarity with log ingestion methodologies and API development. Certifications such as CISSP, CISM, or CEH are a plus. Benefits & Perks: 25 days PTO + 12 company holidays. Company-paid life insurance, disability, and parental leave. Optional medical, dental, and vision benefits. 401(k) with discretionary match. This is a dynamic, hands-on role in a fast-paced environment where you will have the opportunity to significantly impact our security operations. Apply today!

US$140000 - US$160000 per year
Dallas
Apply

Cybersecurity Specialist

Cybersecurity Specialist - Secret Clearance Location: Alexandria, VA (Hybrid, 2x per week in person) Clearance Requirement: Active Secret Clearance We are looking for a Cybersecurity Specialist to join our team in Alexandria, VA. This role is a critical part of securing our nation's information systems and ensuring compliance with Department of Defense (DoD) standards. Key Responsibilities: Design and implement system architecture and network security strategies to protect critical systems. Ensure compliance with the Risk Management Framework (RMF) and oversee Certification & Accreditation (C&A) processes. Manage COMSEC, TEMPEST, and other communications security programs. Perform vulnerability assessments, risk analysis, and incident response. Develop and implement cybersecurity strategies to counter emerging threats. Conduct security assessments, audits, and ensure policy compliance with DoD standards, including FISMA. Utilize tools like Enterprise Mission Assurance Support Service (eMASS) to manage cybersecurity processes. Prepare and review technical documentation, including acquisition documents, failure reports, and fielding plans. Qualifications: Experience: 20+ years in cybersecurity, information assurance, or a related field. Certifications: Certified Information Systems Security Professional (CISSP), Security+ (Sec+), or equivalent. Skills: Strong expertise in operational cybersecurity accreditation, embedded systems security, and systems engineering processes. Knowledge of Standards: Familiarity with DoD standards such as AR 25-2 and Inspector General (IG) compliance. Leadership: Demonstrated ability to work independently with minimal oversight, provide mentorship, and lead cybersecurity initiatives. Why Join Us? Be part of a team that prioritizes innovation in cybersecurity strategies and the protection of critical systems. Work on impactful projects with real-world implications. Opportunities for professional growth and leadership.

US$160000 - US$190000 per year
Alexandria
Apply

Security Operations Detection Engineer

We are partnered with a major private investment firm to bring on a Security Cloud Detection Engineer out of Dallas, TX*. The ideal candidate will be responsible for enhancing their security operations through the architecture, engineering, and automation of detection and response mechanisms. This role involves working with Microsoft Sentinel SIEM, SOAR tooling, and various security automation technologies to ensure robust security monitoring and incident response. Primary Responsibilities: Develop and implement new detections and automations within the SIEM environment. Create and maintain SIEM content, including rules, alerts, and dashboards, to improve the signal-to-noise ratio. Configure and manage Microsoft Sentinel, ensuring optimal performance and integration with other security tools. Automate alert enrichment processes to enhance detection and prevention coverage. Collaborate with external SOC providers to consolidate data sources and ensure high availability of log sources. Conduct alert triage and response, managing patch and vulnerability processes. Monitor security operations metrics and maintain DLP tools and technologies. Provide training and support on SIEM functionalities to internal teams. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Minimum of 3 years in a security-related engineering role. At least 2 years of experience with SIEM/SOAR engineering, specifically with Microsoft Sentinel, Log Analytics, and Defender. Proficiency in security automation and automation tooling (e.g., Terraform). Strong scripting skills in KQL, Python, and PowerShell. Experience with Microsoft Power Apps, Azure Functions, and Logic Apps. Knowledge of API development and log ingestion methodologies. Familiarity with automated development lifecycles (DevOps). Experience with Cisco security tools (Meraki, Umbrella) and multi-tenant or MSP environments. Professional certifications such as CISSP, CISM, or CEH. Self-starter with a passion for security and continuous improvement. If you or someone you know is interested, please apply in directly! *This is a fully onsite role out of the client's Dallas office.

US$140000 - US$170000 per year
Dallas
Apply

IAM Engineer

Glocomms is partnered with a leading business enablement firm seeking a highly skilled IAM Engineer to join their dynamic team. This company is dedicated to empowering businesses through innovative solutions and cutting-edge technology, ensuring clients achieve their strategic goals efficiently and securely. The IAM Engineer will be responsible for designing, implementing, and managing the company's Identity and Access Management (IAM) systems. This role requires a deep understanding of AWS IAM, Active Directory Domain Services, Microsoft Entra ID, and related components. The ideal candidate will have a proven track record of managing complex IAM environments and ensuring the security and integrity of the company's IT infrastructure. Key Responsibilities: Design, implement, and manage IAM solutions to support business requirements and security policies. Administer and maintain AWS IAM, Active Directory Domain Services, and Microsoft Entra ID environments. Develop and enforce IAM policies, standards, and procedures. Perform regular audits and assessments of IAM systems to ensure compliance with security standards. Integrate IAM solutions with other enterprise systems using SCIM REST API, SAML, OAuth, and OIDC. Implement and manage Kerberos authentication and Privileged Access Management (PAM) solutions. Troubleshoot and resolve IAM-related issues and incidents. Provide technical guidance and support to internal teams and stakeholders. Stay current with industry trends and best practices in IAM and cybersecurity. Qualifications: Bachelor's degree in Computer Science, Information Technology, or a related field. Minimum of 5 years of experience in IAM engineering or a related role. Strong expertise in AWS IAM, Active Directory Domain Services, and Microsoft Entra ID. Experience with IAM tools and technologies such as SSO, MFA, and identity federation. Proficiency in scripting and automation (e.g., PowerShell, Python). Excellent problem-solving skills and attention to detail. Strong communication and interpersonal skills. Ability to work independently and as part of a team in a fast-paced environment. Preferred Qualifications: Relevant certifications (e.g., AWS Certified Security - Specialty, Microsoft Certified: Identity and Access Administrator Associate). Experience with cloud security and hybrid environments. Knowledge of regulatory requirements and compliance standards (e.g., GDPR, HIPAA). Benefits: Competitive salary and performance-based bonuses. Comprehensive health, dental, and vision insurance. Retirement savings plan with company match. Professional development opportunities. Collaborative and inclusive work environment.

Negotiable
Dallas
Apply

Cloud Security Engineer

We're partnered with an elite IT Consulting company seeking a highly skilled Cloud Security Engineer to advance DevSecOps throughout their organization with a focus on Cloud-first information technology. The ideal candidate will be responsible for designing, implementing, and managing secure cloud environments to protect sensitive financial data and ensure compliance with industry standards. This role requires a deep understanding of cloud security principles, threat management, and the unique challenges faced in the Private Investment idnustry. Responsibilities: Develop and enforce security policies, ensuring robust protection across AWS environments. Collaborate with development and infrastructure teams to integrate security guardrails and solutions. Implement security automation to enhance efficiency and reduce manual intervention. Design and deploy security solutions aligned with the Information Security and Compliance roadmap. Develop and maintain security architecture, ensuring adherence to best practices. Integrate security into CI/CD pipelines, conducting AWS best practice assessments. Oversee security operations, ensuring compliance with industry standards and regulations. Ensure cloud environments comply with regulatory frameworks (ISO270001, HIPAA, GDPR, NIST, CIS). Stay updated on industry trends and emerging technologies to enhance security posture. Lead threat hunt and remediation efforts to mitigate security risks. Qualifications: Bachelor's degree in Computer Science, Information Technology, or a related field. Proven experience in cloud security, with a focus on AWS services (IAM, VPC, CloudTrail, CloudFormation, Lambda). Knowledge of security frameworks (CIS, NIST) and regulatory requirements. Proficiency with security tools such as AWS Security Hub, WAF, GuardDuty, and vulnerability management tools like Tenable. Experience with Terraform and scripting languages (Python, Bash). Relevant certifications such as AWS Certified Security - Specialty, CISSP, CISM. Strong understanding of cloud technologies and security posture management tools (e.g., Wiz). Excellent communication and interpersonal skills, with a strong sense of personal integrity. Demonstrated passion for security and continuous improvement. If you or someone you know is interested, please apply in directly! This is an onsite opportunity out of the client's Dallas/Plano office.

US$150000 - US$170000 per year
Plano
Apply

SOC Analyst

Role - SOC/CERT Analyst Length - 6 months rolling (multi-year project) Hybrid? - Hybrid Key Responsibilities: Monitor and analyze security alerts from SIEM, IDS/IPS, firewalls, endpoint protection tools, and other monitoring platforms. Investigate and triage security events to determine their impact and criticality. Perform log analysis, anomaly detection, and root cause analysis. Coordinate and lead response activities during complex or high-impact incidents. Document and report on security incidents, providing insights for management and technical teams. Conduct forensic analysis of systems, networks, and devices to support investigations. Collect, preserve, and analyze evidence following industry-standard forensic methodologies. Generate detailed forensic reports, including timelines, findings, and recommendations.

Negotiable
Paris
Apply

Cyber Security News & Insights

The Strategic Importance of Network Security: Beyond the Tech Image
cyber-security

The Strategic Importance of Network Security: Beyond the Tech

In today's digital era, where every facet of business is intricately intertwined with technology, network security is a growing concern. But while it's often pigeonholed as a purely technical issue, this viewpoint misses the broader implications. Network security is not only about firewalls, intrusion detection systems, and encryption; it's about strategy.A Strategic Defense against Cyber ThreatsHow we protect our data and systems from cyber threats is a direct reflection of our strategic priorities. The kind of security protocols you adopt, the technologies you embrace, and even the response mechanisms you have in place can shape the brand image and trustworthiness of your business in the eyes of your stakeholders.The Power of Cloud and Hybrid NetworksWith the increasing shift towards cloud and hybrid networks, businesses can no longer depend solely on traditional defense mechanisms. The strategic choice of leveraging cloud technologies requires an equally strategic approach to security. It's about seamlessly integrating on-premise infrastructures with cloud environments while ensuring that both are fortified against threats.Bridging the Network Security Skills GapThe technological landscape is constantly evolving, and with it comes new challenges. Our clients are increasingly looking for candidates with the skills needed for network automation to enhance performance, and tools like Terraform and Ansible to remain agile and efficient.However, there's a noticeable gap between demand and supply when it comes to expertise in these areas. Businesses are in dire need of professionals who can navigate the complex world of network security and automation.Connect with the Experts​Are these challenges affecting your hiring opportunities? Is the rapidly shifting landscape of network security causing uncertainties in your staffing needs?You're not alone. Many businesses are grappling with similar issues, and they require a strategic partner who understands both the technical and strategic dimensions of the domain.Reach out to James directly by completing the form below. Let us help you navigate these challenges and ensure that your network security strategy is robust, dynamic, and forward-thinking.Request a call back​

Read More
Hiring Cyber Security Talent Image
cyber-security

Hiring Cyber Security Talent

There are many verticals we specialize in here at Glocomms across the cyber security space, each with their own unique hiring trends. Here is a brief overview of some of the cyber security developments we are seeing across manufacturing, health technology, media & entertainment, and SaaS. ManufacturingCyber security is a fundamental challenge for any business leader, but manufacturing has officially overtaken financial services, healthcare, and insurance, to become the world’s most attacked sector[i], due to increases in reconnaissance targeting. As more supply chains and manufacturing facilities embrace digital software for efficiency reasons, there is the dual challenge of losing precious time to mitigating cyber-attacks. This presents the industry with an acute need for more cyber security professionals to prevent such attacks, but with a tight talent pool, competition for the best professionals is high. Europe’s automotive manufacturing and supply chain companies[ii]saw demand rising for cyber security professionals more than any other industry last year. This figure is compiled by GlobalData, whose thematic approach groups company activity to see which organizations can best weather disruptions and tackle issues “that keeps a CEO awake at night.” Health Technology The threat to healthcare and healthtech from cyber-attacks cannot be understated – 32% of healthcare security leaders said they had to divert patients to other providers after cyber-attacks, according to Imprivata’s report[iii], a digital identity company for life and mission-critical industries. ECRI[iv], a non-profit that focuses on healthcare technology and safety, also cites cloud security in its list of, ‘Top 10 Health Technology Hazards for 2023.’There is a greater need for cyber security professionals who can protect patient data as the healthcare industry becomes more reliant on technology. Medical institutions also need to create a culture of cyber security, to assist cyber experts when they come into the business. Media & EntertainmentYou may recall the leaking of the script for the James Bond movie ‘Spectre’[v], which highlighted how vulnerable the media & entertainment industry can be to cyber-attacks. Streaming services such as Netflix have also seen their own customer data breaches, with ransomware authors also becoming more adept at finding vulnerabilities, and thus exploiting them[vi]. So, how can the industry protect itself? Ultimately media & entertainment platforms need to invest in cyber software and professionals. Household names can utilize their brand power to attract talent and invest profits back into internships to enable new talent to enter the market in the future. Thinking long-term and planning for the talent of tomorrow is one strategy to future-proof an organization, because large-scale media & entertainment names cannot afford the reputable fallout of security breaches. SaaSThe popularity of Software-as-a-Service (SaaS) platforms is only going to grow, and the more applications an organization has in its tech stack, the greater the risk of cyber breaches. This means it is crucial to keep up with cyber security developments to maintain customer trust and platform integrity. According to Forbes[vii], “SaaS security is unique because of the velocity of new SaaS being adopted and the decentralized purchasing decision process. These two things combined break the traditional cybersecurity frameworks.”While business leaders and CISOs must adopt a risk mindset, whether working for a SaaS company or using one as a customer, the reality is that one way to mitigate cyber threats is to consider hazards outside of the software itself. Cyber experts can be employed to also educate users and have visibility over data transmissions. Often organizations are at the mercy of employees exposing information, therefore businesses must find talent that can not only lead it securely, but also has soft skills in teaching colleagues and training the wider organization on best practice. ​A number of industries are competing for the same cyber security talent. There are different push and pull factors dependent on the individual being hired, so a nuanced approach as opposed to a one-size-fits-all strategy will result in talent being more attracted to a business. To hire the best candidate for your open role, get in touch with Glocomms today. As a specialist talent partner in Technology, we have access to industry-leading talent around the world. Find the talent you need by submitting your vacancy, or request a call back to elevate your hiring process with the right talent partner today.

Read More
Cyber Security Talent Insights Image
cyber-security

Cyber Security Talent Insights

​​The cyber security market is predicted to grow to $266 billion by 2027, but with opportunity comes many risks, disruptions and challenges. With skilled business-critical cyber security professionals in high demand, companies must develop effective hiring solutions to capitalize on the market and protect their systems, networks, and data against cyber attacks and security breaches.In this report, our technology talent experts at Glocomms guide you through:Key trends in cyber security, from market risks to hiring approachesTop priorities for candidates in the cyber security fieldInsights from Katie Owston, Associate Vice President at GlocommsKey takeaways and recommendations for both hiring managers and professionalsDownload your copy of the 'Cyber Security Talent Insights' report by completing the form below:​​

Read More
Three IoT Cybersecurity Trends For 2019 Image
cyber-security

Three IoT Cybersecurity Trends For 2019

​As the world becomes more connected, the Internet of Things (IoT) continues to expand. Gartner forecasts that 14.2 billion connected things will be in use during 2019, rising to 25 billion by 2021.In the wake of this increased connectivity, cybersecurity breaches emerged as the #1 concern for US CEOs at this year’s World Economic Forum. Here, we explore three key cybersecurity trends impacting the IoT in 2019 and how they are shaping the labor market.The emergence of 5G5G is 2019’s hottest trend in IoT and its impact is expected to be huge. It has the potential to transfer higher volumes of data and connect to more devices up to 20 times faster than 4G. By 2020, Gartner forecasts that 60% of organizations plan to deploy 5G, while Ericsson’s 2018 Mobility Report predicts that by 2025 1.5 billion of us will be connected to 5G. While 5G will integrate the Internet of Things more deeply into our lives and open up numerous possibilities for consumers and businesses, it brings with it a much higher cyber security threat. A world that is almost entirely connected means organizations will be exposed to significant new cyber risks that businesses must be prepared for. IIoT : Industrial Internet of ThingsThe Industrial Internet of Things, or IIoT, refers to billions of industrial devices connected to wireless networks which collect and distribute data across industries as diverse as healthcare, utilities and transportation. This gathered data is analyzed to improve businesses processes and productivity to enable faster and more accurate decision making. The IIoT protects the critical infrastructure and systems we rely on and may take for granted in our day-to-day lives.A broader base of assets connected to more diverse systems and devices offers more points of entry for a potential breach and industries must rethink its security. System failures in the IIoT can have high risk consequences and without effective protection serious disruption can occur. The emergence of 5G will also have an impact on the IIoT. 5G enabled devices will require a new level of cybersecurity to protect infrastructures, with denial of service attacks (DOS) becoming a significant concern. For instance, in March 2019, a cyber disruption to the US grid reported by the Department of Energy involved a "denial of service condition" at a Western utility.IoMT – (Internet of Medical Things)​Emerging technologies are transforming the healthcare sector. Connected medical devices gather vital data to provide insights into patient symptoms, enable remote care and improve treatment. However, healthcare remains a vulnerable area in cybersecurity.The cost of data breaches in the IoMT are among the highest across all sectors, yet many healthcare facilities still rely on outdated operating systems. 4.4 million patient records were breached in Q3 alone in 2018, highlighting the need for extreme precautions.Again, 5G will have a far-reaching impact on the IoMT, with the increased connectivity substantially raising the potential for data breaches.The cybersecurity skills shortageThe rise of the IoT and the investment in 5G technology are putting immense pressure on demand for cybersecurity talent. An estimated 2.93 million cybersecurity positions globally are currently unfilled. A staggering 500,000 of those are located in the US.At the same time, while jobs postings for cybersecurity roles are up, applications have fallen.In the longer-term, 5G technology is expected to create an estimated 22 million jobs by 2035, requiring skills that people don’t yet have and placing more pressure on a jobs market struggling to keep pace with demand.Without a seamless and effective hiring process, organizations simply don’t have the capability to develop effective security procedures to both detect and prevent cyberattacks and protect vital data.Glocomms has recognized a tremendous opportunity in the emergence of 5G and the increasing reliance on IoT in our everyday lives.Given this market knowledge, we have developed a recruitment practice focused exclusively on networking and building a talent pool within IoT and IoT security. Having built relationships with some of the world’s premier IoT, IIoT and IoMT vendors, Glocomms continues to establish itself as a major provider of talent in a very niche and undersupplied IoT talent market. With lines of business that cover everything from Sales and Marketing, Product Management/Development, Software Development & R&D, Data Science & Engineering, and Cyber Engineering & Operations, we can confidently address the needs of any growing IoT vendor across their product development lifecycle. We work closely with vendors as they build and deploy their products and services, from early stage and greenfield organizations to companies looking to ramp up their sales and marketing teams and ensure their products and solutions reach the doorstep of every potential customer.Regardless of your business growth needs, we’ve got you covered!For more information about how to reach one of our specialized IoT recruitment consultants, or to learn how our business can become an extension of yours in finding that tough to reach IoT talent, contact us today.

Read More
How to Get Ahead in Cybersecurity Image
cyber-security

How to Get Ahead in Cybersecurity

​A career in cybersecurity is one of the most sought after in the tech field and can be a fulfilling and lucrative option for talented and ambitious professionals. Cybersecurity experts play a vital role in keeping their employers and their customers safe while online. But to succeed requires specific qualifications and experience.Here we take a look at how to get ahead in this rewarding field.Where are the jobs?In short, everywhere.From American universities to British Airways and Facebook, hackers have caused havoc for employers throughout 2018. No sector or organization is immune. By 2021 it’s predicted that at current levels of rising demand versus expected candidate availability, there could be a staggering 3.5 million open jobs in cybersecurity.Cybersecurity talent is sought after around the globe but in particular:In the UK and Europe, the introduction of the EU’s GDPR (General Data Protection Regulation) more than tripled demand for cybersecurity professionals in 2018. The GDPR is also expected to be one of the top cybersecurity concerns for employers in 2019.Australian and Canadian employers are experiencing serious national skills shortages in the sector.A 28% growth in cybersecurity jobs is predicted from 2016 to 2026 in the US.What about the gender gap?The gender gap is real and not predicted to close any time soon.  Females are underrepresented in the cybersecurity sector. It is estimated that around 20% of cybersecurity professionals are women but some studies suggest a much lower figure. Deloitte’s global Women in Cyber initiative launched in July 2018 to address this issue and encourage more females to explore a career in the sector. If you’re considering that option, this initiative offers real-life insight from women working in the sector, including advice on how to build a career in cyber, the potential challenges and the skills needed to succeed.A lucrative careerDemand is pushing up average salaries for cybersecurity professionals, which stands at around c$117,000. Pay for entry level jobs is also soaring. Graduate roles in the US now attract salaries of close to $100,000 per annum, more than in any other sector. Your salary will depend on your level of expertise and experience – and the specific requirements of a prospective employer. Speak to your recruiter for more detailed advice.A career with securityLike most of the tech sector, cybersecurity is one of the most reliable professions for long-term job security. The role of Cybersecurity Engineer is predicted to become the most in-demand tech job in 2019 but opportunities are varied and numerous. Other roles include security engineer, security analyst, penetration tester, and cryptographer. The emerging role of Chief Cybercrime Officer may also become critical to larger organizations in 2019 as data hacks are expected to rise.The key to success is to stay on top of current trends and develop the skillsets that make you more valuable to employers.  As well as the GDPR, research suggests that the top cybersecurity concerns for businesses in 2019 including phishing, ransomware, the cloud and cryptocurrency mining.Have you got what it takes to succeed?If you’re considering a career in this specialist sector, or seeking your next career move, here’s our advice:A bachelor’s degree in cybersecurity or another field of computer science is essential for most employers. Many cybersecurity professionals move from traditional tech roles, such as systems administrator into more specialized positions through additional training.For entry level candidates, deciding on your specialization can help to make you more attractive to businesses.Ensure you constantly refresh your skills and invest in your future. Tech is rapidly changing and new skillsets are required constantly.For professionals looking for a leadership role, the same advice applies. Stay ahead of trends in the sector and work on the skills that are needed for your next career move. Acquire the most relevant certifications and training, through online courses or a master’s degree for example.Networking should be an ongoing strategy to help you to fulfill your long-term career goals. Keep your LinkedIn profile up to date and build professional relationships with people in your field.Speak to a specialist recruiter who knows your sector inside out and is ideally positioned to advise on your next career move.Working with a specialist recruiter like those at Glocomms, can help understand your career options within cybersecurity and make sure you secure a job that is a perfect fit for you. To learn more, get in touch with Glocomms today.​

Read More
Cybersecurity Market Update Image
cyber-security

Cybersecurity Market Update

​Glocomms' insight on the 2018 Cybersecurity Landscape Across the End-User and Vendor ArenasIntroductionGlocomms was founded on the premise of Cybersecurity becoming the most in-demand and integral part of technology across all industries. In 2017, we saw a multitude of high-profile cyberattacks targeting various companies including Uber, Deloitte and Equifax with the most prominent attacks being WannaCry and Petya. Given the visibility on the cybersecurity market, Glocomms expects to see a large focus on hiring resources and talent to develop and elaborate the hardening of security practices. Such developments include in-house security operation centers (SOC), increased spending on the most innovative threat intelligence products and AI talent and the adoption of automation and cloud security practices in order to properly protect customer and employee data.​The consequences of insufficient security and data protection were recently highlighted by Facebook stocks sliding nearly 15% in a 36-hour window, off the back of an exposed global data breach. Such high profile examples prove that Cybersecurity has the attention of the global media platform and consequently, the market is tightening as the need for remediation in real-time is becoming absolutely imperative.​In order to provide this level of service on a 24x7x365, vendors and end users are adopting advanced solutions. The two main trends we have seen in the first quarter of 2018 have been the integration of Artificial Intelligence & Data Science coupled with the need for Automation & Cloud Security. ​AI/Data Science & Cloud AutomationOur recruitment business gives us a unique look into these trends, as our business model is comprised of two main pillars of focus: Cybersecurity and AI/Data Science. We see the perspective of urgent needs for specific skillsets, as well as the perspective of building expertise through seeking new challenges and career options through working with stealth-mode to IPO vendors as well as the world’s largest global end-users.​When considering the impact AI can have on Cyber, it is clear why artificial intelligence, machine learning and data science will have a huge impact on the ability for software to be able to detect and remediate intrusions and vulnerabilities. Nonetheless, it is who brings the expertise that affects how analytics will impact the industry given these will be the individuals building models to analyze and make sense of the data.​In order to understand the talent pool, we need to understand what motivates individuals to bring their experience to the cybersecurity industry. Most frequently, we see these professionals are motivated by the exposure to working with novel, proprietary, and in this case, unknown data. Additionally, not only the access and exposure to the data is compelling, but also the advanced decision making predictable by the data that draws this talent into the industry.​We have also seen increased attention on the automation and acceptance of risk adverse cloud usage cases, the adoption of MSSP’s that offer integrated threat analytics/ threat management solutions, and new industry trends that dive deeper into the impact AI can have on this ever-changing landscape across the vendor and end-user arenas.​Artificial intelligence, machine learning and data science are being leveraged in a variety of ways and can be exhibited by the huge influx of neural network and deep learning talent transition into the threat analytics arena. Given the sheer magnitude and significance of personal information embedded within the data across industries such as healthcare, financial services and commerce, it is no surprise that data scientists are excited about an opportunity to advance security solutions and play an impactful role on the business/product at large. We know from speaking to these professionals that it is the access and exposure to novel and unique data across the abovementioned industries that drive and motivate their career interests.​Given that Data Science/AI & Cybersecurity are the two focal points of our Glocomms business, it is exciting to see the transfusion of these emerging technology industries shaping the future of the entire technology landscape across all industries.​Investment BanksCloud security is currently the hottest trend from an end-user perspective. This trend is clear, given the activity we have seen across the finance industry as they move towards the adoption of specific usage cases for the various open source cloud platforms. This is exciting because these have historically been some of the most proprietarily kept platforms in the world – some banks even used proprietary coding languages to build their platform! In order to be comfortable with these offerings, the institutions now need to put together documentation on the risk assessments attributed to such solutions. Once these frameworks and usage-cases are clearly determined and outlined, offerings will begin to spread across more and more business units. Currently, large asset managers and global investment banks offer their clients a commercialized version of their front-office risk systems but this is only one portion of what the cross-business platform has to offer.​The next step will be providing an integrated and secure cloud-based solution across all layers of the risk management platforms that each of the various firms offer. Some banks are in the midst of developing a similar type of cross-business platform and although they may be scrutinized for their late-arrival to the party, it might work to their advantage given the new technology currently available because having an opportunity to build a platform from scratch using the latest and greatest products for hardening security layers and adopting cloud offerings allows for a more integrated and theoretically, hardened solution! It seems cloud security will be at the top of the list for most in-demand and least- attainable skill sets in 2018. This has already been evident given the vast hiring and increased compensation bands for cloud security professionals across the end-user arena. We believe the reason for this is these professional all need to not only bring the expert technical skills to the table, but also need to be able to communicate internally and externally with key stakeholders around usage cases for cloud offerings.​Buy-Side PerspectiveFrom a Buy-Side perspective, we have seen large global hedge fund clients looking to hire Encryption Engineers to build proprietary security layers into their existing infrastructure (often cloud-based). This is an obvious step in the right direction, given in the past it seemed many funds were scared by the prospects of putting their ‘secret sauce’ out in the cloud. Additionally, we have seen vast hiring across the Security Incident Event Management (SIEM) arena, most of whom, seem to be moving to Splunk given the versatility of the product. This is also consistent with what we have seen in Investment Banks this year.​From a recruitment standpoint, we see a huge amount of potential on the buy-side in 2018 and expect to see talents being directly targeted from the tech giants as these are the professionals with the most amount of exposure to novel data with the best skillsets for architectural remediation and hardening. ​Vendor PerspectiveAs the vendors continue to offer more and more comprehensive and integrated analytical solutions, the need to stay on top of the market and hire professionals that have experience with the most cutting-edge products becomes even more imperative. We have seen massive hiring across the vendor arena given the influx of investment and the urgent need for this analytical talent. The data being analyzed is ever-increasing and the adoption of AI is not quite keeping up with the workload for the SOC. Thus, we have still seen a steady stream of hiring within these types of positions including: threat hunters, incident responders and security engineers. Not only the vendors are hiring these professionals across the mid-senior level, but also the end-users are building their own in-house SOC’s to reinforce internal security measures creating more intelligent solutions on the network to detect vulnerabilities more quickly and readily. We have seen a large increase this year of around 20% higher than the industry standard this year in the compensation bands for someone with 3-5 years of experience with the abovementioned skills.​Glocomms’ cybersecurity recruitment practice is broken down across the vendor and end-user arenas as we have a commercial practice that offers talent solutions for our vendors across the entire product development lifecycle.As mentioned above, the adoption of intelligent threat hunting, incident response and vulnerability management has been clearly exhibited in a hiring trend of AI talent into the vendor and MSSP arena. ​Candidate TrendsAn interesting trend to note has been the movement of security professionals from the defense industry transition and partner with the financial services employees, in an attempt to continue to broaden the level of expertise and attention on security related problems. This talent is coming out of New York, Boston, Washington DC Metro Area, Texas, and California and heading to new security hubs forming in the Atlanta, South Carolina, Minneapolis and Colorado.Additionally, we have seen a large interest on the Financial Services side to hire talent from the Tech Giants given their background and exposure to massive amounts of data, enterprise level architecture, and forwards thinking technical skillsets.​Given the sheer magnitude of talent required, in the last 5 months, we have placed over 15 individuals for one Cybersecurity start-up that is still in stealth-mode on a retained basis! This project is ongoing and we expect to fill nearly 40+ roles this year with this one client given how perfectly our business models align, we have been able to deliver​Thus far in 2018 we have worked closely with a number of small to mid sized organizations (20-200 employees) on both Coasts undergoing large growth initiatives. Rapid growth is not uncommon for start-ups in this industry; these companies are primarily seeking analytical/AI talent, software engineers who are building their propriety platform and security professionals to advance the offerings. One interesting thing to note has been that security software engineers are receiving larger portions of equity given the impact their development of the platform will have on the multiplier attributed to the growth potential and in turn, value of the business.​For this type of endeavor we recommend a Multi-Hire Campaign (MHC) as we are able to best align our services with a companies specific and often urgent needs directly impacting our clients’ growth through an all-encompassing recruitment solution.​Many of our institutional clients are entirely revamping their security business units given the ever-changing nature of the available technology within the industry. As a result, we have staffed multiple senior, CISO/Strategic Leaders for our end-user clients whom will drive the growth initiatives going forward in 2018 and years to come. ​Mergers & AcquisitionsOur final cybersecurity market trend we wanted to highlight in this report corroborates the above with respect to focus and attention on new, cutting-edge, AI-driven threat management platforms. Security Vendors are being acquired by the big Tech Giants and large cyber players. The options are narrowing and the solutions are becoming far more comprehensive and integrated. Recent examples of this include: SQRRL were acquired by Amazon for $40 million; Phantom Cyber is being acquired by Splunk for $350 million; and CloudLock is bought by Cisco for $293 million. This showcases that the big-players are aware of the trends outlined above and are looking to eat up the market share and gain control of the growth and opportunity that is ravishing the emerging technologies marketplace. ​Diversity & InclusionDiversity and Inclusion awareness is at an all time high in the technology industry, with female representation and wage parity dominating the headlines. At Glocomms we find that identifying good practice, policies and initiatives to improve workforce diversity and inclusion are paramount for our clients. Throughout 2018, alongside our parent company, Phaidon International, we will be running a number of positive, action-orientated client events with relevant guest speakers and industry experts. The common themes of these initiatives will be to share pragmatic and proven successful practices that can tangibly improve diversity and inclusion within the workplace. By doing so our valued clients can enhance their access to wider talent pools for their meritocratic workplaces.​In relation to Cybersecurity – this is one of the most homogenized verticals within the technology arena and female-talent is highly scrutinized for being absent. Males hold 3 out of 4 jobs in tech, but specifically within cybersecurity, the numbers reflect that only 14% of the U.S. workforce in cybersecurity is female. [1] However, out of all of the areas within technology, we believe that Cybersecurity is the field that truly needs a diverse talent pool.​Working in Cybersecurity involves dealing with hugely complex issues and problems – teams need diversity so that problems are attacked with different viewpoints. At Glocomms we focus heavily on sourcing diverse talent within this field and working closely with our clients in creating a work environment to allow such talent to excel in their careers. In the past six months, 24% of the placements we have made in the Cybersecurity field are female. Whilst we still have a long way to go we are dedicated to doing our part to empower females to succeed in the industry.​In addition to females, Glocomms is committed to contributing to and being the driving force of change across all marginalized groups with respect to Diversity and Inclusion. Most recently, on March 24th, Glocomms was a sponsor for the second annual Out in Tech Talks[2], an event that united 400+ leading and aspiring LGBTQ+ and allied voices to advance the dialogue around diversity in tech and address the power of tech to create social change. It was an incredible event, showcasing the progress achieved while illuminating the massive amount of work left to do in reshaping the industry. Impressive panels included the leaders in Diversity and Inclusion at Amazon, Linked in and Youtube, an MD/Business Leader for the Cybersecurity business at a Leading Global Investment Bank and our own Executive Director at Glocomms.​Closing ThoughtsThis report was written and prepared by Giancarlo Hirsch, Vice President at Glocomms and accurate as of March 2018.​Glocomms has offices in NY and SF and is looking to launch offices in Boston, Chicago, Dallas and Charlotte in the coming 18 months. For more information or to get in touch with the team at Glocomms, please do reach out to usa@glocomms.com!​-------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Find out how Glocomms can help you.

Read More
Cyber Security Talent Needed Amid Rising Cyber Threats Image
cyber-security

Cyber Security Talent Needed Amid Rising Cyber Threats

​​The cyber security industry is under mounting pressure. As cyber-attacks become more common and the amount of data stored online increases (not only in volume but also in sensitivity) most industries are naturally growing concerned at the exponential growth of cybercrime. A report from Ponemon Institute found that 47% of the 662 IT professionals questioned have experienced a cyber security breach within the last two years. These breaches took place in both the public and private sector across the globe.Cyber threats are occurring across the globe. One of the largest cyber security breaches of history occurred last year in theUS,when JPMorgan Chase fell victim tocybercrime. During this breach personal information such as the names, phone numbers and email addresses of 76 million households were acquired. In UK telecoms provider TalkTalk was hacked earlier this year, with bank details from thousands of customers being stolen. OKCoin, the world’s largest bitcoin exchange server, was also recently forced to suspend some of its services after experiencing a cyber attack from hackers.Such examples only further highlight the need for all businesses to strengthen their approach to cyber security, especially firms holding personal customer details. This has led to an increase in demand for cyber security professionals and a dramatic increase in opportunities available across several industries.A report recently released by the Identity Theft Resource Center (ITRC) revealed that the business sector has accounted for 16 million exposed records so far in 2015; the medical and healthcare sector is responsible for 120 million exposed records, and the government and military sectors are accountable for the loss of nearly 34 million records.As a result of these high-profile cases and alarming statistics, the same Ponemon report found that intelligence sharing is swiftly becoming a popular method to help fight off such malicious attacks. This practice involves vendors, industry groups and peer-to-peer exchange programs sharing the information they have available with one another in an open and collaborative environment.The majority of respondents said vendors were their main source of information on cyber security threats (61%), followed by peers from other companies (56%). Both platforms act as a key source of information on malicious IP addresses and URLs.However, the ever-evolving nature of IT and cyber security means information often comes with a very short shelf-life; threats are often replaced with new threats almost immediately – 60% of respondents said some information loses its usefulness within minutes. Yet, very few IT professionals receive security threat information in real-time.This is where the cloud could benefitITprofessionals. Just as employees are utilising mobile devices and the cloud to access business information and systems, IT security professionals could also be looking to this platform to access threat details. Wolfgang Kandek, the Chief Technology Officer for Qualys, has noted that moving away from traditional enterprise systems and into the cloud will allow security professionals to respond quickly and in the most effective and appropriate manner possible.The 2015 Global Cyber security Status report from the ISACA states that, come 2020 there will be 1.5 million unfilled cyber security roles across the globe. In order to meet these changing demands, the Asian market is investing heavily in cyber security practices and education. The US, on the other hand, is suffering from a severe lack of cyber security talent, particularly at the mid-senior level.This is driving up salaries for CISOs (Chief Information Security Officers) who have a successful track record of implementing proven policies and procedures and building successful teams. It’s also driving demand for the security consulting market, which is now worth over $15 billion dollars and saw year-on-year growth of almost 10% in 2015. This market is dominated by Deloitte, IBM and EY.The cyber security market is estimated to grow to $170 billion (USD) by 2020, at a Compound Annual Growth Rate (CAGR) of 9.8% from 2015 to 2020, according to a report from Markets and Markets. So how can businesses address the cyber security skills gap? Should talent be sourced from outside the industry and transferable skills given prominence, or should appropriate training, coaching and education be put in place within anorganizationfor talent to be trained internally from junior level? Even with a combination of these two approaches, is it a case that no matter how well prepared anorganizationis, the hackers and criminals will always be one step ahead?If you’re struggling to find the talent needed to meet cyber security needs, or are seeking new opportunities in the sector,contact the Glocomms team today.--------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that therecruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Find out how Glocomms can help you.

Read More
Cyber threats in the aviation, aerospace and defense sectors Image
cyber-security

Cyber threats in the aviation, aerospace and defense sectors

​Cyber security is a rising concern across a number of industries but, for some sectors, such as aviation, aerospace and defence, cyber attacks pose potentially disastrous ramifications. As a result, groups such as airlines and aircraft manufacturers are collaborating to tackle this emerging threat, head on.Cyber attacks on the riseThe Director of Strategy & Safety Management at the European Aviation Safety Agency (EASA) has revealed that aviation systems are on the receiving end of thousands of attacks each month.The areas most vulnerable to attack are the connective communication systems between the plane and the ground, which transmit flight information, and on-the-ground networks.In June 2015 a cyber security breach took down the flight plan system of 10 planes for around five hours. This DDoS attack grounded nearly 1,500 passengers.Growth in areas such as the Internet of Things has increased awareness of risk in the sector as a new breed of threat is beginning to emerge. Director of Cyber Security at Israel’s Institute for National Security Studies,Dr.Gabi Siboni, commented: “The next 9/11 will be caused by computer hackers infiltrating aircraft controls”.An industry on the defenceSITA’s 2016 Airline IT Trends Survey revealed that 9% of airlines plan to invest in cyber security in the next three years, with 72% of the 200 airlines surveyed already investing in cyber security projects.The US launched the Aviation Information Sharing and Analysis Center (A-ISAC) in 2014. The A-ISAC includes input from airlines and security agencies, including Boeing, the NSA, the FBI, and the CIA. As of yet, Europe does not have a major presence in this collaborative project – the only European members are Airbus and Lufthansa.Europe’s cyber security defendersThe European Centre for Cyber Security in Aviation (ECCSA) has been set up by the European Aviation Safety Agency (EASA). The ECCSA boasts an Aviation Computer Emergency Response Team (AV-CERT) that helps analyse cyber threats to better understand their origins and identify security flaws, and which could help work towards technical solutions and create best practice guidelines to tackle the issue.The job marketDue to the rising threat and awareness in the industry, there is a clear shortage of experienced cyber security professionals. According to recent figures, there are only enough active candidates in this sector to fill 31.6% of opportunities. This is not endemic to the UK; Israel has 28.4%, Germany 35%, France 38.6%, the US 66.7%, and Canada 68.1%.Globally, we now need more cyber security professionals in order to protect ourselves from cyber threats.Economist MarianoMamertinocommented: “The problem is fast approaching crisis point and British businesses will inevitably be put at risk if they can’t find the expertise they need to mitigate the threat. “This should serve as a wake-up call to Britain’s tech sector – it must pull together to [...] attract more people into cyber security roles.”Cyber security candidates from outside the aviation industry will find it relatively easy to transfer across to aviation. Here at Glocomms, we specialise in recruiting across Connective Technology roles, over the last 6 months we have noticed the increasing demand for network security engineers, security architects and security analysts in the sector.We work closely with clients with in the sector to monitor and track the best talent in the market. If you are a cyber security expert searching for your next step, or you’re looking to bolster your cyber security team over the next few months, get in touch today.  ​-------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Find out how Glocomms can help you.

Read More
Cybersecurity Salaries are on the Rise - Are you Ready? Image
cyber-security

Cybersecurity Salaries are on the Rise - Are you Ready?

​Do you have a strategy for attracting IT security talent in the next few years? This is a field in which demand is far outstripping supply and leaving positions vacant can have serious consequences. How will you attract and retain experienced professionals?According to a recent survey by Intel Security and Vanson Bourne, there are 209,000 unfilled security jobs in the US. Globally, there will be a 1-2 million shortfall in skilled workers in the field by 2019. Almost three quarters (71%) of large organizations questioned in the survey said this skills shortage left them vulnerable to cyberattacks.The rising threat: cyberattacksEvery organization is a potential cyber victim. A study by Forrester Research in 2015 found that 60% of brands experienced a breach of sensitive data that year. High-profile targets such as UPS, JP Morgan Chase, Sony, Experian and even the FBI have suffered considerable financial and reputational damage as a result of a successful attack.A recent Ponemon investigation found that the average cost of a breach is $3.8 million; a rise of 23% since 2013. For criminals, the possible rewards are huge. According to the 2016 Trustwave Global Security Report, a hacker investing $5,900 in a malware infection campaign could realise a 1,425% return on investment within 30 days, earning $84,100 as a result of the scam.With claims that nation states such as China and Russia are sponsoring security breaches, cybercrime is a threat that is not going to abate any time soon.Why cybersecurity should be on your C-suite agendaCybersecurity is becoming a more pressing topic for the C-suite. Installing a high quality firewall and antivirus software package is no longer enough; executives should be actively involved in developing cybersecurity strategies that focus on long-term proactivity, not short-term defensiveness.  A government committee in the UK has even gone so far as to propose that CEOs and senior executives should be subject to fines and custodial sentences if found negligent on cybersecurity.Worryingly, many senior teams still fail to grasp the importance of cybersecurity to business success. A 2014 survey found that around 33% of management boards received no regular reports about cybersecurity at all.[vi]Frequently, where security is found to be lacking an organization provides funding for short-term fixes rather than committing resource to a holistic, long-term strategy.The shortage of cybersecurity professionalsThe availability of experienced specialists is reaching crisis levels. Among security professionals, 23% said the lack of talent in this area is the biggest challenge facing the IT industry; 12% of all IT professionals agree.A recent Intel report found that 82% of organizations in the US, UK, Japan, Israel, Germany, France and Australia are experiencing a shortage of skilled workers in cybersecurity; 53% of organizations said recruitment difficulties were worse in this field than for other IT roles. Intrusion detection, attack mitigation and software development were the areas with the most severe shortage of eligible candidates.According to data from the Bureau of Labor Statistics, the challenge is set to increase: demand for cybersecurity professionals is predicted to grow 53% over the next two years.New graduates cannot simply fill these roles because only 23% of organizations see educational programs as giving candidates the skills they need to enter the industry.Hands-on experience and professional certification are valued much more, but these take time to acquire.How can you attract good recruits?In this competitive recruitment environment, what can you do to secure top talent? Unsurprisingly, pay is a major draw for promising professionals; the average compensation for an information security manager grew by around 6.4% in 2015-16.The US national average salary of a cybersecurity specialist with three or more years’ experience is $99,000. With five years’ experience, the average salary rises to $118,000.A substantial 80% of security professionals said a salary increase could persuade them to move to a new employer. This reflects a widely-held belief that despite mounting workloads, pay is not keeping up with the value they contribute to an organization; 61% of security professionals believe their salary is falling behind business growth and demands, compared to 55% among other IT professionals.How can you retain top talent?With unemployment rates among this group approaching zero, there are plenty of businesses out there looking to poach dissatisfied employees from their competitors; 74% of cybersecurity professionals have been targeted by head hunters in the last year.In terms of retention, focusing on job satisfaction and workload might help to keep good employees. The shortage of skilled professionals means there is more pressure on existing workers; 60% of cybersecurity professionals say they expect their workloads to increase in the next 12 months.If you pile the work up too high, your valued employee could simply move elsewhere.Contact Us to find out how Glocomms can help you.------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Get in touch today to see how Glocomms can help you.

Read More
The Cyber Security Challenge Image
cyber-security

The Cyber Security Challenge

​Reports indicate that the cyber security market is due to dramatically expand in the following few years, with new technologies emerging and the need for such technologies increasing.The proliferation of connected devices, services like the Cloud and bring-your-own-device (BYOD) practices means that the threat of cyber-attack is now growing faster than ever and, as a result, there is expected to be a boom in the cyber security industry.According to a MarketsandMarkets industry report, the cyber security market will increase from the $106.32 billion it is worth today, to $170.21 billion by 2020, at a compound annual growth rate (CAGR) of 9.8%.Worldwide governments are makingcyber securitya key political focus. The US is currently leading the way, according toLarnoLimnell writing for the International Business Times. “Most countries have cyber strategies on paper, but public discussion of policy and doctrinal levels and practical measures are not as mature as they are in the US,” he suggests.Europe has recognised this discrepancy, however; the European Commission, the European Council and the European Parliament have been working together to update and supersede the existing EU Directive in order to bring it in line with the recent advances in technology. “The objective is to issue a final proposed comprehensive regulation for the EU by the end of 2015, with final approval and adoption thereof to occur by the Spring of 2016,” said Stephen Jett from Taft Stettinius & Hollister LLP writing for Lexology.com.Indeed, the government’s role in combattingcyber attacksis a critical one, according to new research by Intel Security. The study of 625 IT decision makers from the finance, energy, transport and government sectors in Germany, France, the UK and the US found that 86% felt cooperation between the public and private sectors was vital for protecting cyber infrastructure.However, while the growth of this market is inevitable, more discussions need to take place regarding exactly what cyber security is and what it entails.Experts have spoken out about the emergence of the market and claim that professionals within the industry, and those looking to enter it, need to begin training in all areas of cyber security as early as possible.Discussing the sector, Gary Hayslip, the CIO for the City of San Diego, commented: “You talk to people, they think cyber is one thing, and it’s not.” It is this misunderstanding of the concept and market that requires more clarity. Linda Brent, the CEO for ASTA Group, expanded on this, stating that Cyber security can be considered to be “everything from artificial limbs to unmanned systems that are small enough to hold in your hand to the training and education of the workforce.”This training and education should start at the most basic level – in schools. Many professionals are encouraging the integration of Science and Technology programmes, so future generations will already have a sound grasp of cyber security and what it entails by the time they enter the workforce.This needs coordination between institutions - unless there is a unified understanding of the risks, challenges and learning opportunities then, any training provided is likely to be ineffective.Since higher education institutions are notoriously slow at updating their curriculum, this is presenting a significant challenge. Headway is being made in some regards, for example, women are being encouraged to enter into the cyber security industry thanks to a new training initiative from Cybrary and the Women in Technology (WIT) Association. However, it is vital that consolidated training opportunities be made far more widely available, as soon as possible.The Wall Street Journal has also recently reported that it’s not just schools and education institutions looking to improve awareness of cyber security; executive boards for high-profile businesses are also looking to improve their knowledge of the sector, so they are better informed should a cyber-attack occur. High-profile professionals are beginning to understand the significance of knowing where cyber security threats are coming from, how they are rectified and if enough is being done to challenge these attacks.As awareness of the cyber security space increases, so too are jobs in the sector. For information on opportunities in the industry – whether you are a potential candidate or looking to hire – contact us here.-----------------About GlocommsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in SanFrancisco, New York, London and Berlin.

Read More

Looking for something specific?

View more blogs