Cyber Security

Cyber Security

Glocomms: A Specialist Cyber Security Talent Partner

Glocomms operates in the Cyber Security sector, a crucial domain as the need for adept professionals escalates in companies of all sizes. The UK, a hotspot for Cyber Security expertise, is experiencing a growing demand for these roles, underscored by an expanding skills shortage.

Predictions suggest that the number of open Cyber Security roles will only increase further, solidifying the value and longevity of these positions. The current shortage of skilled Cyber Security professionals in the EMEA region sits at 317,000, highlighting that demand continues to outstrip supply.

As specialists based in the City of London, Glocomms' consultants are committed to bridging this gap, sourcing top-tier talent for Cyber Security roles throughout the UK and Europe. Our services are dedicated to addressing this growing need, further securing the digital landscape for businesses across scales and sectors. Request a call back to hear more about our hiring solutions.

If you're a Cyber Security professional, please register your CV.

Register your CV

If you're looking for Cyber Security talent, please register your vacancy today.

Register your vacancy
or
Request a call back

Benefits of working with us

Our Cyber Security talent specialists help growing technology businesses source the right go-to-market strategy talent, manage the recruitment process, and facilitate onboarding. With multi-lingual language support, we provide international recruitment expertise to secure business-critical talent across Europe.

Our recruitment benefits

Experience

We have a decade’s worth of Cyber Security experience as a leading technology talent partner.

Network

A vast, global network of the best, in-demand Cyber Security talent.

Knowledge

Our award-winning talent specialists offer bespoke, tailored guidance on the latest hiring trends.

At Glocomms, we are dedicated to cultivating enduring partnerships grounded in trust, honesty, and shared prosperity. Our commitment lies in delivering bespoke solutions that align with your unique business requirements and Cyber Security recruitment preferences. Whether you seek immediate placement for pivotal roles or aspire for long-term strategic talent acquisition solutions, our arsenal of resources and expertise ensures successful outcomes. Share your vacancy with us today.

Looking to hire? Request a call back

Cyber Security Jobs

At Glocomms, we're excited about the future of Cyber Security. We encourage you to visit our Cyber Security Jobs to explore the cutting-edge roles we're filling in this transformative sector. Shape tomorrow's tech world with us; your future begins at Glocomms.

DevSecOps Engineer

Locations: Washington, DC Metro Area | Richmond, VA | Irvine, CA | San Diego, CA Environment: Hybrid - 3 days onsite / 2 days remote per week. Glocomms is partnered with a real estate analytics pioneer dedicated to transforming the industry through digital innovation - enabling people to uncover properties, insights, and connections that enhance their business and personal lives. The client's portfolio includes over 75 platforms and high-traffic web applications. The firm's robust platform security environment incorporates both commercial and custom-developed security controls across various platforms, including IDEs, CI/CD systems, cloud, and Kubernetes. The DevSecOps Engineer will contribute to a team employing infrastructure as code, scripting, and API integrations to implement scalable security measures consistently across all web applications. The position may range from associate to lead architect level. Primary Responsibilities: As part of our dynamic team, you will be responsible for building and advancing features of our product platform security suite, including: Providing real-time vulnerability feedback within IDEs for insecure build patterns and artifacts (including first-party code, third-party code, containers, infrastructure as code, and secrets) Enforcing vulnerability remediation SLAs during environment builds Conducting dynamic runtime scans of pre-production environments to prevent vulnerabilities from reaching production Performing continuous attack surface management, penetration testing, and exploit validation Managing cloud security posture and workload protection Ensuring security for cloud IAM and Kubernetes runtime controls Conducting cloud platform threat hunting and API security management Implementing WAF and Bot controls Integrating runtime/drift vulnerability feedback into product development teams' bug tracking systems Enhancing federated cloud security hardening, detection, and enforcement Managing data security posture Identifying and addressing secrets and sensitive data leakage in logs, code, and documentation Qualifications: Bachelor's degree from an accredited institution, preferably in Computer Science, Cybersecurity, or a related field Proven track record of dedication to previous employers 3+ of experience in applying security at scale within CI/CD systems, Kubernetes platforms, cloud environments, or CDNs Proficiency in scripting or infrastructure as code using Python, PowerShell, Ansible, CloudFormation, Terraform, or similar languages Experience in a software development environment with mature CI/CD practices Strong passion for solving complex challenges, innovating, and being deeply engaged in your work Excellent communication skills, capable of engaging with both software development teams and leadership Thorough understanding of various security assessment tools Knowledge of infrastructure operations, including databases, networking, and system administration Ability to convey risk and urgency for remediation to different levels of leadership Capability to mentor and guide team members in prioritizing security efforts effectively Self-starter with the initiative to advance the application security program and follow through on ideas to completion Hands-on experience integrating security tools into CI/CD pipelines Experience with testing serverless cloud deployments Benefits and Perks: The client offers competitive compensation and performance-based incentives along with professional and academic growth opportunities including internal training, tuition reimbursement, and an inter-office exchange program. The comprehensive benefits package includes: Medical, vision, dental, and prescription drug coverage Life, legal, and supplementary insurance Mental health counseling services, both virtual and in-person, for individuals and families Commuter and parking benefits 401(k) retirement plan with matching contributions Employee stock purchase plan Paid time off Tuition reimbursement Access to onsite fitness centers or reimbursement for fitness center memberships, with options for yoga, personal training, and group exercise classes Complimentary gourmet coffee, tea, hot chocolate, fresh fruit, and healthy snacks All qualified candidates eligible to work full-time in the United States are encouraged to apply. Unfortunately visa sponsorship (including F1-OPT) is not available for this position. Candidates seeking C2C/C2H employment will not be considered. Interested candidates must be willing to work a HYBRID (3 days/week onsite) schedule to be considered for this position. **Company is an Equal Employment Opportunity Employer. The firm maintains a drug-free workplace and conducts pre-employment substance abuse testing.**

US$160000 - US$220000 per year
San Diego
Apply

Senior Offensive Security Engineer

Offensive Security Engineer, Senior Hybrid | DC or Richmond, VA $180,000 - $200,000* base salary Glocomms partnered with a leading Real Estate firm in the search for a Senior Offensive Security Engineer to enhance the offensive security capabilities across internal and external processes, infrastructure, and applications. You will be responsible for creating test plans to validate identified vulnerabilities and demonstrate their exploitation. Effectively communicating exploit details and the ability to discuss in-depth technical information with non-technical senior management is crucial for success in this role. You are expected to stay updated on the latest techniques, tools, and trends used by threat actors. Requirements: 6+ years of experience within a technical security, network, or software position with 3+ years of specific offensive security experience Demonstrable expertise with penetration testing, red teaming, and identifying vulnerabilities Ability to lead a team and take initiative with planning/executing Red Team and Purple Team activities Proficiency with scripting and programming, such as PowerShell, Python, Bash, etc. OSEP, OSCP, CRTO, GXPN or similar certifications preferred Bachelor's Degree required from an accredited, not for profit university or college Excellent verbal and written communication skills *Compensation dependent on candidate experience and geographic location

US$180000 - US$210000 per year
Washington
Apply

Red Team Penetration Tester

Red Team/Penetration Tester Location(s): Washington DC, Arlington VA, Irvine CA, San Diego CA. Compensation: $150,000 - $220,000 Glocomms is partnered with a globally leading tech firm in the Real Estate industry in the search for Red Team/Penetration Testers to join the in-house Product Security team. The position will focus on the secure design, development, and integration of web applications by identifying threats and vulnerabilities, conducting attack simulations, gather threat intel, carry out manual and automated network and applications pen-test's, threat modeling, and social engineering. Key responsibilities: Conduct attack simulations and create threat scenarios to test the security posture of the organization's web and network applications. Conduct intelligence gathering, manual and automated pen-tests, social engineering, and threat emulation activities. Develop, implement, and maintain customer testing tools. Create payloads/exploits to be utilized during Red Team activities. Be proficient with scripting/programming languages for automation. Conduct threat modeling and in-depth code reviews. Create artifacts and represent finding to senior managements. Collaborate with Blue/Purple Team, Engineering, Infrastructure, and Software teams on remediation efforts, evidence gathering, and strategic roadmap planning.

US$150000 - US$220000 per year
Washington
Apply

Senior Network Security Engineer

A fast-growing bank is looking to bring on a Senior Network Security Engineer to play a leading role in their organization's security team. The position will own the administration of Palo Alto and Cisco Firewalls, Cisco ISE and Umbrella, with routing and switching as needed (<20%). Proficiency in Cloud Networking, SD-WAN, and Wireless, as well as professional certifications and financial services industry experience are preferred. Position is hybrid, based in Dallas, TX. Fully remote work may be possible for the right candidate. Compensation is negotiable, based on experience and interviews, likely in the range of $120k-$160k. If this role sounds like the right fit for the next step in your career, please apply to the ad!

US$120000 - US$160000 per year
Dallas
Apply

Lead Network Engineer, AI/LLM Automation

A global data and media company is looking to hire a Lead Engineer for their high-speed network infrastructure team. The position will lead a team of engineers who are supporting the growth of the AI/LLM platform using software-defined networking and software development. Required Skills: Programming in a major language: Python, C/C++, Go, etc. Proficiency in Networking Technologies, including Routing, Switching, and Security Strong exposure to high-speed networking systems and communication frameworks Software Development skills are required for this role Location: Santa Clara, CA - Remote slots are limited, but may be possible for the right candidate. Hybrid, 3 days in office Compensation: Compensation can be upward of 180k base for the right candidate, total package may exceed 400k for the best candidate. If this sounds like the right step for your career, please apply to the ad!

US$180000 - US$400000 per year
Santa Clara
Apply

Product Security Penetration Tester (Web Application)

A high-growth web-based company needs to expand the Product Security Penetration Testing team to secure and support the growth of one of the world's key internet platforms. Requirements: 5+ years of dedicated Penetration Testing, Application Security, and Product Security experience, with a focus on web-based applications Knowledge of SAST/DAST and multiple scanning tools to secure dozens of applications. Expert knowledge and ability to secure the software development life cycle Recent work experience with automation, ci/cd and devsecops principles Scripting/Programming or Development ability in a common language (proficiency may determine level) Willingness to grow and adapt as the platform scales significantly - it has seen transformative growth in the last 3 years that will continue Must have experience and a great interest in securing and pentesting specifically web applications Must be fully authorized to work in the US Nice to Have: Relevant Certifications Previous experience at a company or team pentesting over 100-200 applications per year Very strong development and automation experience may attain higher levelling Computer Science Education Background Location: Job Site is in Virginia, onsite policy is hybrid 3 days per week in the office Compensation There are multiple levels, based on experience and interviews, ranging from $140k base to over $200k base. Timeline This is New Role and Urgent Need for the security team, with selected candidates expected to complete interviews in June and and start in July, 2024.

US$140000 - US$200000 per year
Virginia
Apply

IT Security Consultant

IT Security Consultant Annecy, France - French and English Speaking 2 Days per Week on site Start Date : 02/09/2024 Long-Term Engagement on Rolling Contract (6-Months) TJM : 450-650€ Customer Details Our customer is one of the largest Winter Sports Groups in the world, they have around 10 brands within the group globally and have their European HQ's in Annecy and Munich with their team being split across the globe. They have had some investment in improving the quality and effectiveness of their Cyber Security so are looking to invest in a Security Expert to join their Risk Management and Secure by Design team. The company offers a great chance for a long-term engagement, a chance to work as part of an International team and a brilliant opportunity to be involved in the decision making and shaping of the companies future Cyber Security practises. Glocomms have worked with the customer for the last 4 years and have been responsible for numerous key hires into their business. Job Details Primary responsibilities will include working with all the departments across the business and consulting with them to advice on the best approaches when it comes to making sure they are compliant and proposing solutions to ensure the best practises are carried out. You will be working closely with the CISO team handling the topics around Cloud, Systems, eCommerce and Cyber Security and helping them to further build their team over the next few months. The ideal candidate will be someone from a technical background (Networking, Systems, SecOps) who has moved into a Cyber Security position under taking projects around Risk. Technical Knowledge : Risk Analysis, Risk Management, Public Cloud, Systems (Windows, Linux, VMware), Cyber Security (ISO 27000, CISSP) You will be joining a direct team of 4-5 people, which includes the CISO, Assistant CISO, a Security Architect and some more junior team members. Given the international context of the company, you will need a professional level of both English and French. Day to day French will be used but English will be used across the wider company. Great opportunity for this mission to last for close to 2 years, the roadmap dictates this at the moment. No certifications are a prerequisite but if you have a CISSP or any ISO certificates, it will certainly support your application. Get in Touch james.evans(@)glocomms.com +44 203 758 8905 https://www.linkedin.com/in/jamesevansglocomms/

€450 - €650 per day
Annecy
Apply

McAfee Web Gateway (SkyHigh) Engineer

McAfee Web Gateway (SkyHigh) Engineer Paris 17 - French and English Speaking 2 Days per Week on site Start Date : 24/06/2024 3-Year Mission on a Rolling Contract TJM : 500-800€ Customer Details Our customer is one of the World's biggest Insurance Groups who are based out of Central Paris - they have a global reach with teams based in Germany, Belgium, UK, Spain, Portugal, APAC and North America. Due to an increased demand in project work load and a transformation of their Infrastructure the customer is looking to add TWO external contractors to the team. The customer offers a fantastic opportunity for a long-term engagement, aswell as flexible on-site working and the chance to shape their Methodology and Practises for years to come! Glocomms have worked with the customer for the last 3 years and we have been responsible for over 30 placements into their Network, Cyber Security and Systems teams during this time! Job Details McAfee Web Gateway (SkyHigh) Engineer Primary responsibilities will include Technically advise and support SWA Product management on the ownership and definition of the Product Strategy, roadmap and lifecycle to ensure to serve the security objectives Technically advise, lead and support technical discussion with Group security related to any topics related to the product Technically advise, lead and support any technical activity and improvement that may be set up on the proxy product and related to: Policy configurations, Security reports requirement, Performance improvement, Automation, New additional features, Service management To challenge and lead technical discussion with the vendor for topics as service request, or incident ticket, or improvement plan or new feature, etc. To support and advise the BAU service provider on some level 3 activities and work closely with their L2 support teams to technically lead and advise them on their daily activities To support, lead and manage incidents resolution related to web gateway daily operations. Support and technically advise on new customer's demands and assess the technical sets-up on proxy configurations to answer the need To technically advise, lead and support the standards definitions Prepare technical documentations and procedures to support the overall projects and BAU teams Analyze user or application internet activities for security purpose. Analyze user or application internet activities for performance improvement. To head up on the integration of the web gateway product with the overall environment Webgateways security role and key design. McAfee webgateway solution on premise & cloud Migrating users from on premise proxy to McAfee web gateways Cloud solution. Tech Stack : Experience on Network and Security Technologies, Strong experience on McAfee WebGateway (SkyHigh) solution as well as other security products is a plus Get in Touch james.evans(@)glocomms.com +44 203 758 8905 https://www.linkedin.com/in/jamesevansglocomms/

€500 - €800 per day
Paris
Apply

VP of Information Security

Calabasas, CA or San Diego, CA (Hybrid-Flexible) Glocomms is partnered with a dynamic and rapidly growing e-commerce company committed to providing its customers with exceptional service and innovative products. The client is seeking a highly skilled and experienced Head of Information Security to lead efforts in safeguarding its digital assets, ensuring compliance, and maintaining the highest standards of security. The technology stack is predominantly based on Microsoft technologies and primarily utilizes AWS for cloud infrastructure. Position Overview: The Head of Information Security will be responsible for overseeing all aspects of information security, including incident response, bug bounty programs, vulnerability remediation, and compliance. This leadership role requires a strategic thinker with a hands-on approach, capable of managing and developing a high-performing security team. The successful candidate will have a proven track record in information security within the e-commerce sector or a similar fast-paced environment, with strong experience in a Microsoft tech stack and AWS cloud infrastructure. Key Responsibilities: Leadership and Strategy: Develop and implement the overall information security strategy aligned with business objectives. Lead and manage a team of three information security professionals, fostering a culture of security awareness and continuous improvement. Provide strategic guidance to executive leadership on security initiatives and risk management. Incident Response: Oversee the incident response program, ensuring swift and effective handling of security incidents. Coordinate incident response efforts, including investigation, containment, eradication, recovery, and post-incident analysis. Develop and maintain incident response plans, playbooks, and runbooks. Bug Bounty and Vulnerability Remediation: Establish and manage a bug bounty program to incentivize external security researchers. Oversee vulnerability management processes, including regular scanning, assessment, and remediation of security vulnerabilities. Collaborate with development and operations teams to ensure timely and effective remediation of identified vulnerabilities. Compliance and Governance: Ensure compliance with relevant regulations, standards, and frameworks (e.g., PCI-DSS, GDPR, CCPA). Develop and maintain security policies, procedures, and documentation. Conduct regular security audits and assessments to ensure compliance and identify areas for improvement. Risk Management: Identify, assess, and manage information security risks across the organization. Implement and maintain security controls to mitigate identified risks. Develop and deliver security awareness training programs for employees. Technology and Innovation: Stay current with emerging security trends, threats, and technologies. Evaluate and implement new security tools and technologies to enhance the security posture. Collaborate with IT and engineering teams to integrate security into the software development lifecycle (SSDLC). Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree preferred. 10+ years of experience in information security, with at least 5 years in a leadership role. Proven experience in incident response, vulnerability management, and compliance within an e-commerce or similar environment. Strong knowledge of security standards, regulations, and best practices (e.g., PCI-DSS, GDPR, CCPA). Extensive experience with a Microsoft tech stack, including Windows Server, Active Directory, and related technologies. Strong experience with AWS or Azure cloud infrastructure. Excellent leadership, communication, and interpersonal skills. Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable. All employees are required to be vaccinated against Covid-19 - reasonable accommodation requests will be considered. Benefits: Competitive salary and performance-based bonuses Comprehensive health, dental, and vision insurance 401(k) with company match Generous paid time off and holiday schedule Employee discounts for company products This is a hybrid position; employees are expected to be in the office three days per week (Monday, Tuesday, and Thursday) with the option of working remotely two days (Wednesday and Friday).

US$250000 - US$270000 per year
San Diego
Apply

VP of Information Security

Calabasas, CA or San Diego, CA (Hybrid-Flexible) Glocomms is partnered with a dynamic and rapidly growing e-commerce company committed to providing its customers with exceptional service and innovative products. The client is seeking a highly skilled and experienced Head of Information Security to lead efforts in safeguarding its digital assets, ensuring compliance, and maintaining the highest standards of security. The technology stack is predominantly based on Microsoft technologies and primarily utilizes AWS for cloud infrastructure. Position Overview: The Head of Information Security will be responsible for overseeing all aspects of information security, including incident response, bug bounty programs, vulnerability remediation, and compliance. This leadership role requires a strategic thinker with a hands-on approach, capable of managing and developing a high-performing security team. The successful candidate will have a proven track record in information security within the e-commerce sector or a similar fast-paced environment, with strong experience in a Microsoft tech stack and AWS cloud infrastructure. Key Responsibilities: Leadership and Strategy: Develop and implement the overall information security strategy aligned with business objectives. Lead and manage a team of three information security professionals, fostering a culture of security awareness and continuous improvement. Provide strategic guidance to executive leadership on security initiatives and risk management. Incident Response: Oversee the incident response program, ensuring swift and effective handling of security incidents. Coordinate incident response efforts, including investigation, containment, eradication, recovery, and post-incident analysis. Develop and maintain incident response plans, playbooks, and runbooks. Bug Bounty and Vulnerability Remediation: Establish and manage a bug bounty program to incentivize external security researchers. Oversee vulnerability management processes, including regular scanning, assessment, and remediation of security vulnerabilities. Collaborate with development and operations teams to ensure timely and effective remediation of identified vulnerabilities. Compliance and Governance: Ensure compliance with relevant regulations, standards, and frameworks (e.g., PCI-DSS, GDPR, CCPA). Develop and maintain security policies, procedures, and documentation. Conduct regular security audits and assessments to ensure compliance and identify areas for improvement. Risk Management: Identify, assess, and manage information security risks across the organization. Implement and maintain security controls to mitigate identified risks. Develop and deliver security awareness training programs for employees. Technology and Innovation: Stay current with emerging security trends, threats, and technologies. Evaluate and implement new security tools and technologies to enhance the security posture. Collaborate with IT and engineering teams to integrate security into the software development lifecycle (SSDLC). Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree preferred. 10+ years of experience in information security, with at least 5 years in a leadership role. Proven experience in incident response, vulnerability management, and compliance within an e-commerce or similar environment. Strong knowledge of security standards, regulations, and best practices (e.g., PCI-DSS, GDPR, CCPA). Extensive experience with a Microsoft tech stack, including Windows Server, Active Directory, and related technologies. Strong experience with AWS or Azure cloud infrastructure. Excellent leadership, communication, and interpersonal skills. Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable. All employees are required to be vaccinated against Covid-19 - reasonable accommodation requests will be considered. Benefits: Competitive salary and performance-based bonuses Comprehensive health, dental, and vision insurance 401(k) with company match Generous paid time off and holiday schedule Employee discounts for company products This is a hybrid position; employees are expected to be in the office three days per week (Monday, Tuesday, and Thursday) with the option of working remotely two days (Wednesday and Friday).

US$250000 - US$270000 per year
Calabasas
Apply

Web Application Penetration Tester

Glocomms are partnered with a global leader in the online Real Estate market in the search for a Web Application Penetration Tester to join the Product Security division focusing on utilizing threat modeling, grey box penetration testing, and white box application security analysis. Key responsibility: Collaborate with Product and Software teams to ensure apps are created and implemented accordingly throughout the SDLC lifecycle. Conduct penetration tests on WebApps and infrastructure using both manual and automated techniques. Create an automated framework to improve AppSec controls supporting 100+ applications. Utilize a number of AppSec tools (SAST, DAST, Credential Scanning, ICA, SCA, etc.) to secure web applications. Identify risks and vulnerabilities and provide remediation POA&Ms. Develop automation methods to gather feedback and generate re-scanning. Create secure coding standards and training/support covering the firms' technologies and application frameworks. Conduct code reviews and provide recommendations to improve quality of code. Qualifications: Bachelor's degree from an accredited college/university in Computer Science, Cyber Security, or a related field. 6+ years of experience in Cyber Security with at least 3+ years of experience in a Penetration Testing/Red Teaming focused role. Experience designing, implementing and operation SDLC. Strong experience with defense-in-depth strategy. Hands-on programming skills in Python, C# (preferred), PowerShell, Java, Perl, GoLang, .NET, API Integration, C/C++, etc. Experience automating CI/CD pipelines and IDE interfaces such as SAST and SCA solutions including AppScan, Veracode, X-Ray, Synk, or Synopsys. Penetration testing certifications (OSWA/OSWE, OSCP/OSCE, GPEN, GXPN, GCPN, etc.).

US$190000 - US$210000 per year
Washington
Apply

DevSecOps Engineer

Locations: Washington, DC Metro Area or Richmond, VA Environment: Hybrid - 3 days onsite / 2 days remote per week. Glocomms is partnered with a real estate analytics pioneer dedicated to transforming the industry through digital innovation - enabling people to uncover properties, insights, and connections that enhance their business and personal lives. The client's portfolio includes over 75 other platforms and high-traffic web applications. The firm's robust platform security environment incorporates both commercial and custom-developed security controls across various platforms, including IDEs, CI/CD systems, cloud, and Kubernetes. The DevSecOps Engineer will contribute to a team employing infrastructure as code, scripting, and API integrations to implement scalable security measures consistently across all web applications. The position may range from associate to lead architect level. Primary Responsibilities: As part of our dynamic team, you will be responsible for building and advancing features of our product platform security suite, including: Providing real-time vulnerability feedback within IDEs for insecure build patterns and artifacts (including first-party code, third-party code, containers, infrastructure as code, and secrets) Enforcing vulnerability remediation SLAs during environment builds Conducting dynamic runtime scans of pre-production environments to prevent vulnerabilities from reaching production Performing continuous attack surface management, penetration testing, and exploit validation Managing cloud security posture and workload protection Ensuring security for cloud IAM and Kubernetes runtime controls Conducting cloud platform threat hunting and API security management Implementing WAF and Bot controls Integrating runtime/drift vulnerability feedback into product development teams' bug tracking systems Enhancing federated cloud security hardening, detection, and enforcement Managing data security posture Identifying and addressing secrets and sensitive data leakage in logs, code, and documentation Qualifications: Bachelor's degree from an accredited institution, preferably in Computer Science, Cybersecurity, or a related field Proven track record of dedication to previous employers 3+ of experience in applying security at scale within CI/CD systems, Kubernetes platforms, cloud environments, or CDNs Proficiency in scripting or infrastructure as code using Python, PowerShell, Ansible, CloudFormation, Terraform, or similar languages Experience in a software development environment with mature CI/CD practices Strong passion for solving complex challenges, innovating, and being deeply engaged in your work Excellent communication skills, capable of engaging with both software development teams and leadership Thorough understanding of various security assessment tools Knowledge of infrastructure operations, including databases, networking, and system administration Ability to convey risk and urgency for remediation to different levels of leadership Capability to mentor and guide team members in prioritizing security efforts effectively Self-starter with the initiative to advance the application security program and follow through on ideas to completion Hands-on experience integrating security tools into CI/CD pipelines Experience with testing serverless cloud deployments Benefits and Perks: The client offers competitive compensation and performance-based incentives along with professional and academic growth opportunities including internal training, tuition reimbursement, and an inter-office exchange program. The comprehensive benefits package includes: Medical, vision, dental, and prescription drug coverage Life, legal, and supplementary insurance Mental health counseling services, both virtual and in-person, for individuals and families Commuter and parking benefits 401(k) retirement plan with matching contributions Employee stock purchase plan Paid time off Tuition reimbursement Access to onsite fitness centers or reimbursement for fitness center memberships, with options for yoga, personal training, and group exercise classes Complimentary gourmet coffee, tea, hot chocolate, fresh fruit, and healthy snacks All qualified candidates eligible to work full-time in the United States are encouraged to apply. Unfortunately visa sponsorship (including F1-OPT) is not available for this position. Candidates seeking C2C/C2H employment will not be considered. Interested candidates must be willing to work a HYBRID (3 days/week onsite) schedule to be considered for this position. **Company is an Equal Employment Opportunity Employer. The firm maintains a drug-free workplace and conducts pre-employment substance abuse testing.**

Negotiable
Washington
Apply

Cyber Security News & Insights

The Strategic Importance of Network Security: Beyond the Tech Image
cyber-security

The Strategic Importance of Network Security: Beyond the Tech

In today's digital era, where every facet of business is intricately intertwined with technology, network security is a growing concern. But while it's often pigeonholed as a purely technical issue, this viewpoint misses the broader implications. Network security is not only about firewalls, intrusion detection systems, and encryption; it's about strategy.A Strategic Defense against Cyber ThreatsHow we protect our data and systems from cyber threats is a direct reflection of our strategic priorities. The kind of security protocols you adopt, the technologies you embrace, and even the response mechanisms you have in place can shape the brand image and trustworthiness of your business in the eyes of your stakeholders.The Power of Cloud and Hybrid NetworksWith the increasing shift towards cloud and hybrid networks, businesses can no longer depend solely on traditional defense mechanisms. The strategic choice of leveraging cloud technologies requires an equally strategic approach to security. It's about seamlessly integrating on-premise infrastructures with cloud environments while ensuring that both are fortified against threats.Bridging the Network Security Skills GapThe technological landscape is constantly evolving, and with it comes new challenges. Our clients are increasingly looking for candidates with the skills needed for network automation to enhance performance, and tools like Terraform and Ansible to remain agile and efficient.However, there's a noticeable gap between demand and supply when it comes to expertise in these areas. Businesses are in dire need of professionals who can navigate the complex world of network security and automation.Connect with the Experts​Are these challenges affecting your hiring opportunities? Is the rapidly shifting landscape of network security causing uncertainties in your staffing needs?You're not alone. Many businesses are grappling with similar issues, and they require a strategic partner who understands both the technical and strategic dimensions of the domain.Reach out to James directly by completing the form below. Let us help you navigate these challenges and ensure that your network security strategy is robust, dynamic, and forward-thinking.Request a call back​

Read More
Hiring Cyber Security Talent Image
cyber-security

Hiring Cyber Security Talent

There are many verticals we specialize in here at Glocomms across the cyber security space, each with their own unique hiring trends. Here is a brief overview of some of the cyber security developments we are seeing across manufacturing, health technology, media & entertainment, and SaaS. ManufacturingCyber security is a fundamental challenge for any business leader, but manufacturing has officially overtaken financial services, healthcare, and insurance, to become the world’s most attacked sector[i], due to increases in reconnaissance targeting. As more supply chains and manufacturing facilities embrace digital software for efficiency reasons, there is the dual challenge of losing precious time to mitigating cyber-attacks. This presents the industry with an acute need for more cyber security professionals to prevent such attacks, but with a tight talent pool, competition for the best professionals is high. Europe’s automotive manufacturing and supply chain companies[ii]saw demand rising for cyber security professionals more than any other industry last year. This figure is compiled by GlobalData, whose thematic approach groups company activity to see which organizations can best weather disruptions and tackle issues “that keeps a CEO awake at night.” Health Technology The threat to healthcare and healthtech from cyber-attacks cannot be understated – 32% of healthcare security leaders said they had to divert patients to other providers after cyber-attacks, according to Imprivata’s report[iii], a digital identity company for life and mission-critical industries. ECRI[iv], a non-profit that focuses on healthcare technology and safety, also cites cloud security in its list of, ‘Top 10 Health Technology Hazards for 2023.’There is a greater need for cyber security professionals who can protect patient data as the healthcare industry becomes more reliant on technology. Medical institutions also need to create a culture of cyber security, to assist cyber experts when they come into the business. Media & EntertainmentYou may recall the leaking of the script for the James Bond movie ‘Spectre’[v], which highlighted how vulnerable the media & entertainment industry can be to cyber-attacks. Streaming services such as Netflix have also seen their own customer data breaches, with ransomware authors also becoming more adept at finding vulnerabilities, and thus exploiting them[vi]. So, how can the industry protect itself? Ultimately media & entertainment platforms need to invest in cyber software and professionals. Household names can utilize their brand power to attract talent and invest profits back into internships to enable new talent to enter the market in the future. Thinking long-term and planning for the talent of tomorrow is one strategy to future-proof an organization, because large-scale media & entertainment names cannot afford the reputable fallout of security breaches. SaaSThe popularity of Software-as-a-Service (SaaS) platforms is only going to grow, and the more applications an organization has in its tech stack, the greater the risk of cyber breaches. This means it is crucial to keep up with cyber security developments to maintain customer trust and platform integrity. According to Forbes[vii], “SaaS security is unique because of the velocity of new SaaS being adopted and the decentralized purchasing decision process. These two things combined break the traditional cybersecurity frameworks.”While business leaders and CISOs must adopt a risk mindset, whether working for a SaaS company or using one as a customer, the reality is that one way to mitigate cyber threats is to consider hazards outside of the software itself. Cyber experts can be employed to also educate users and have visibility over data transmissions. Often organizations are at the mercy of employees exposing information, therefore businesses must find talent that can not only lead it securely, but also has soft skills in teaching colleagues and training the wider organization on best practice. ​A number of industries are competing for the same cyber security talent. There are different push and pull factors dependent on the individual being hired, so a nuanced approach as opposed to a one-size-fits-all strategy will result in talent being more attracted to a business. To hire the best candidate for your open role, get in touch with Glocomms today. As a specialist talent partner in Technology, we have access to industry-leading talent around the world. Find the talent you need by submitting your vacancy, or request a call back to elevate your hiring process with the right talent partner today.

Read More
Cyber Security Talent Insights Image
cyber-security

Cyber Security Talent Insights

​​The cyber security market is predicted to grow to $266 billion by 2027, but with opportunity comes many risks, disruptions and challenges. With skilled business-critical cyber security professionals in high demand, companies must develop effective hiring solutions to capitalize on the market and protect their systems, networks, and data against cyber attacks and security breaches.In this report, our technology talent experts at Glocomms guide you through:Key trends in cyber security, from market risks to hiring approachesTop priorities for candidates in the cyber security fieldInsights from Katie Owston, Associate Vice President at GlocommsKey takeaways and recommendations for both hiring managers and professionalsDownload your copy of the 'Cyber Security Talent Insights' report by completing the form below:​​

Read More
Three IoT Cybersecurity Trends For 2019 Image
cyber-security

Three IoT Cybersecurity Trends For 2019

​As the world becomes more connected, the Internet of Things (IoT) continues to expand. Gartner forecasts that 14.2 billion connected things will be in use during 2019, rising to 25 billion by 2021.In the wake of this increased connectivity, cybersecurity breaches emerged as the #1 concern for US CEOs at this year’s World Economic Forum. Here, we explore three key cybersecurity trends impacting the IoT in 2019 and how they are shaping the labor market.The emergence of 5G5G is 2019’s hottest trend in IoT and its impact is expected to be huge. It has the potential to transfer higher volumes of data and connect to more devices up to 20 times faster than 4G. By 2020, Gartner forecasts that 60% of organizations plan to deploy 5G, while Ericsson’s 2018 Mobility Report predicts that by 2025 1.5 billion of us will be connected to 5G. While 5G will integrate the Internet of Things more deeply into our lives and open up numerous possibilities for consumers and businesses, it brings with it a much higher cyber security threat. A world that is almost entirely connected means organizations will be exposed to significant new cyber risks that businesses must be prepared for. IIoT : Industrial Internet of ThingsThe Industrial Internet of Things, or IIoT, refers to billions of industrial devices connected to wireless networks which collect and distribute data across industries as diverse as healthcare, utilities and transportation. This gathered data is analyzed to improve businesses processes and productivity to enable faster and more accurate decision making. The IIoT protects the critical infrastructure and systems we rely on and may take for granted in our day-to-day lives.A broader base of assets connected to more diverse systems and devices offers more points of entry for a potential breach and industries must rethink its security. System failures in the IIoT can have high risk consequences and without effective protection serious disruption can occur. The emergence of 5G will also have an impact on the IIoT. 5G enabled devices will require a new level of cybersecurity to protect infrastructures, with denial of service attacks (DOS) becoming a significant concern. For instance, in March 2019, a cyber disruption to the US grid reported by the Department of Energy involved a "denial of service condition" at a Western utility.IoMT – (Internet of Medical Things)​Emerging technologies are transforming the healthcare sector. Connected medical devices gather vital data to provide insights into patient symptoms, enable remote care and improve treatment. However, healthcare remains a vulnerable area in cybersecurity.The cost of data breaches in the IoMT are among the highest across all sectors, yet many healthcare facilities still rely on outdated operating systems. 4.4 million patient records were breached in Q3 alone in 2018, highlighting the need for extreme precautions.Again, 5G will have a far-reaching impact on the IoMT, with the increased connectivity substantially raising the potential for data breaches.The cybersecurity skills shortageThe rise of the IoT and the investment in 5G technology are putting immense pressure on demand for cybersecurity talent. An estimated 2.93 million cybersecurity positions globally are currently unfilled. A staggering 500,000 of those are located in the US.At the same time, while jobs postings for cybersecurity roles are up, applications have fallen.In the longer-term, 5G technology is expected to create an estimated 22 million jobs by 2035, requiring skills that people don’t yet have and placing more pressure on a jobs market struggling to keep pace with demand.Without a seamless and effective hiring process, organizations simply don’t have the capability to develop effective security procedures to both detect and prevent cyberattacks and protect vital data.Glocomms has recognized a tremendous opportunity in the emergence of 5G and the increasing reliance on IoT in our everyday lives.Given this market knowledge, we have developed a recruitment practice focused exclusively on networking and building a talent pool within IoT and IoT security. Having built relationships with some of the world’s premier IoT, IIoT and IoMT vendors, Glocomms continues to establish itself as a major provider of talent in a very niche and undersupplied IoT talent market. With lines of business that cover everything from Sales and Marketing, Product Management/Development, Software Development & R&D, Data Science & Engineering, and Cyber Engineering & Operations, we can confidently address the needs of any growing IoT vendor across their product development lifecycle. We work closely with vendors as they build and deploy their products and services, from early stage and greenfield organizations to companies looking to ramp up their sales and marketing teams and ensure their products and solutions reach the doorstep of every potential customer.Regardless of your business growth needs, we’ve got you covered!For more information about how to reach one of our specialized IoT recruitment consultants, or to learn how our business can become an extension of yours in finding that tough to reach IoT talent, contact us today.

Read More
How to Get Ahead in Cybersecurity Image
cyber-security

How to Get Ahead in Cybersecurity

​A career in cybersecurity is one of the most sought after in the tech field and can be a fulfilling and lucrative option for talented and ambitious professionals. Cybersecurity experts play a vital role in keeping their employers and their customers safe while online. But to succeed requires specific qualifications and experience.Here we take a look at how to get ahead in this rewarding field.Where are the jobs?In short, everywhere.From American universities to British Airways and Facebook, hackers have caused havoc for employers throughout 2018. No sector or organization is immune. By 2021 it’s predicted that at current levels of rising demand versus expected candidate availability, there could be a staggering 3.5 million open jobs in cybersecurity.Cybersecurity talent is sought after around the globe but in particular:In the UK and Europe, the introduction of the EU’s GDPR (General Data Protection Regulation) more than tripled demand for cybersecurity professionals in 2018. The GDPR is also expected to be one of the top cybersecurity concerns for employers in 2019.Australian and Canadian employers are experiencing serious national skills shortages in the sector.A 28% growth in cybersecurity jobs is predicted from 2016 to 2026 in the US.What about the gender gap?The gender gap is real and not predicted to close any time soon.  Females are underrepresented in the cybersecurity sector. It is estimated that around 20% of cybersecurity professionals are women but some studies suggest a much lower figure. Deloitte’s global Women in Cyber initiative launched in July 2018 to address this issue and encourage more females to explore a career in the sector. If you’re considering that option, this initiative offers real-life insight from women working in the sector, including advice on how to build a career in cyber, the potential challenges and the skills needed to succeed.A lucrative careerDemand is pushing up average salaries for cybersecurity professionals, which stands at around c$117,000. Pay for entry level jobs is also soaring. Graduate roles in the US now attract salaries of close to $100,000 per annum, more than in any other sector. Your salary will depend on your level of expertise and experience – and the specific requirements of a prospective employer. Speak to your recruiter for more detailed advice.A career with securityLike most of the tech sector, cybersecurity is one of the most reliable professions for long-term job security. The role of Cybersecurity Engineer is predicted to become the most in-demand tech job in 2019 but opportunities are varied and numerous. Other roles include security engineer, security analyst, penetration tester, and cryptographer. The emerging role of Chief Cybercrime Officer may also become critical to larger organizations in 2019 as data hacks are expected to rise.The key to success is to stay on top of current trends and develop the skillsets that make you more valuable to employers.  As well as the GDPR, research suggests that the top cybersecurity concerns for businesses in 2019 including phishing, ransomware, the cloud and cryptocurrency mining.Have you got what it takes to succeed?If you’re considering a career in this specialist sector, or seeking your next career move, here’s our advice:A bachelor’s degree in cybersecurity or another field of computer science is essential for most employers. Many cybersecurity professionals move from traditional tech roles, such as systems administrator into more specialized positions through additional training.For entry level candidates, deciding on your specialization can help to make you more attractive to businesses.Ensure you constantly refresh your skills and invest in your future. Tech is rapidly changing and new skillsets are required constantly.For professionals looking for a leadership role, the same advice applies. Stay ahead of trends in the sector and work on the skills that are needed for your next career move. Acquire the most relevant certifications and training, through online courses or a master’s degree for example.Networking should be an ongoing strategy to help you to fulfill your long-term career goals. Keep your LinkedIn profile up to date and build professional relationships with people in your field.Speak to a specialist recruiter who knows your sector inside out and is ideally positioned to advise on your next career move.Working with a specialist recruiter like those at Glocomms, can help understand your career options within cybersecurity and make sure you secure a job that is a perfect fit for you. To learn more, get in touch with Glocomms today.​

Read More
Cybersecurity Market Update Image
cyber-security

Cybersecurity Market Update

​Glocomms' insight on the 2018 Cybersecurity Landscape Across the End-User and Vendor ArenasIntroductionGlocomms was founded on the premise of Cybersecurity becoming the most in-demand and integral part of technology across all industries. In 2017, we saw a multitude of high-profile cyberattacks targeting various companies including Uber, Deloitte and Equifax with the most prominent attacks being WannaCry and Petya. Given the visibility on the cybersecurity market, Glocomms expects to see a large focus on hiring resources and talent to develop and elaborate the hardening of security practices. Such developments include in-house security operation centers (SOC), increased spending on the most innovative threat intelligence products and AI talent and the adoption of automation and cloud security practices in order to properly protect customer and employee data.​The consequences of insufficient security and data protection were recently highlighted by Facebook stocks sliding nearly 15% in a 36-hour window, off the back of an exposed global data breach. Such high profile examples prove that Cybersecurity has the attention of the global media platform and consequently, the market is tightening as the need for remediation in real-time is becoming absolutely imperative.​In order to provide this level of service on a 24x7x365, vendors and end users are adopting advanced solutions. The two main trends we have seen in the first quarter of 2018 have been the integration of Artificial Intelligence & Data Science coupled with the need for Automation & Cloud Security. ​AI/Data Science & Cloud AutomationOur recruitment business gives us a unique look into these trends, as our business model is comprised of two main pillars of focus: Cybersecurity and AI/Data Science. We see the perspective of urgent needs for specific skillsets, as well as the perspective of building expertise through seeking new challenges and career options through working with stealth-mode to IPO vendors as well as the world’s largest global end-users.​When considering the impact AI can have on Cyber, it is clear why artificial intelligence, machine learning and data science will have a huge impact on the ability for software to be able to detect and remediate intrusions and vulnerabilities. Nonetheless, it is who brings the expertise that affects how analytics will impact the industry given these will be the individuals building models to analyze and make sense of the data.​In order to understand the talent pool, we need to understand what motivates individuals to bring their experience to the cybersecurity industry. Most frequently, we see these professionals are motivated by the exposure to working with novel, proprietary, and in this case, unknown data. Additionally, not only the access and exposure to the data is compelling, but also the advanced decision making predictable by the data that draws this talent into the industry.​We have also seen increased attention on the automation and acceptance of risk adverse cloud usage cases, the adoption of MSSP’s that offer integrated threat analytics/ threat management solutions, and new industry trends that dive deeper into the impact AI can have on this ever-changing landscape across the vendor and end-user arenas.​Artificial intelligence, machine learning and data science are being leveraged in a variety of ways and can be exhibited by the huge influx of neural network and deep learning talent transition into the threat analytics arena. Given the sheer magnitude and significance of personal information embedded within the data across industries such as healthcare, financial services and commerce, it is no surprise that data scientists are excited about an opportunity to advance security solutions and play an impactful role on the business/product at large. We know from speaking to these professionals that it is the access and exposure to novel and unique data across the abovementioned industries that drive and motivate their career interests.​Given that Data Science/AI & Cybersecurity are the two focal points of our Glocomms business, it is exciting to see the transfusion of these emerging technology industries shaping the future of the entire technology landscape across all industries.​Investment BanksCloud security is currently the hottest trend from an end-user perspective. This trend is clear, given the activity we have seen across the finance industry as they move towards the adoption of specific usage cases for the various open source cloud platforms. This is exciting because these have historically been some of the most proprietarily kept platforms in the world – some banks even used proprietary coding languages to build their platform! In order to be comfortable with these offerings, the institutions now need to put together documentation on the risk assessments attributed to such solutions. Once these frameworks and usage-cases are clearly determined and outlined, offerings will begin to spread across more and more business units. Currently, large asset managers and global investment banks offer their clients a commercialized version of their front-office risk systems but this is only one portion of what the cross-business platform has to offer.​The next step will be providing an integrated and secure cloud-based solution across all layers of the risk management platforms that each of the various firms offer. Some banks are in the midst of developing a similar type of cross-business platform and although they may be scrutinized for their late-arrival to the party, it might work to their advantage given the new technology currently available because having an opportunity to build a platform from scratch using the latest and greatest products for hardening security layers and adopting cloud offerings allows for a more integrated and theoretically, hardened solution! It seems cloud security will be at the top of the list for most in-demand and least- attainable skill sets in 2018. This has already been evident given the vast hiring and increased compensation bands for cloud security professionals across the end-user arena. We believe the reason for this is these professional all need to not only bring the expert technical skills to the table, but also need to be able to communicate internally and externally with key stakeholders around usage cases for cloud offerings.​Buy-Side PerspectiveFrom a Buy-Side perspective, we have seen large global hedge fund clients looking to hire Encryption Engineers to build proprietary security layers into their existing infrastructure (often cloud-based). This is an obvious step in the right direction, given in the past it seemed many funds were scared by the prospects of putting their ‘secret sauce’ out in the cloud. Additionally, we have seen vast hiring across the Security Incident Event Management (SIEM) arena, most of whom, seem to be moving to Splunk given the versatility of the product. This is also consistent with what we have seen in Investment Banks this year.​From a recruitment standpoint, we see a huge amount of potential on the buy-side in 2018 and expect to see talents being directly targeted from the tech giants as these are the professionals with the most amount of exposure to novel data with the best skillsets for architectural remediation and hardening. ​Vendor PerspectiveAs the vendors continue to offer more and more comprehensive and integrated analytical solutions, the need to stay on top of the market and hire professionals that have experience with the most cutting-edge products becomes even more imperative. We have seen massive hiring across the vendor arena given the influx of investment and the urgent need for this analytical talent. The data being analyzed is ever-increasing and the adoption of AI is not quite keeping up with the workload for the SOC. Thus, we have still seen a steady stream of hiring within these types of positions including: threat hunters, incident responders and security engineers. Not only the vendors are hiring these professionals across the mid-senior level, but also the end-users are building their own in-house SOC’s to reinforce internal security measures creating more intelligent solutions on the network to detect vulnerabilities more quickly and readily. We have seen a large increase this year of around 20% higher than the industry standard this year in the compensation bands for someone with 3-5 years of experience with the abovementioned skills.​Glocomms’ cybersecurity recruitment practice is broken down across the vendor and end-user arenas as we have a commercial practice that offers talent solutions for our vendors across the entire product development lifecycle.As mentioned above, the adoption of intelligent threat hunting, incident response and vulnerability management has been clearly exhibited in a hiring trend of AI talent into the vendor and MSSP arena. ​Candidate TrendsAn interesting trend to note has been the movement of security professionals from the defense industry transition and partner with the financial services employees, in an attempt to continue to broaden the level of expertise and attention on security related problems. This talent is coming out of New York, Boston, Washington DC Metro Area, Texas, and California and heading to new security hubs forming in the Atlanta, South Carolina, Minneapolis and Colorado.Additionally, we have seen a large interest on the Financial Services side to hire talent from the Tech Giants given their background and exposure to massive amounts of data, enterprise level architecture, and forwards thinking technical skillsets.​Given the sheer magnitude of talent required, in the last 5 months, we have placed over 15 individuals for one Cybersecurity start-up that is still in stealth-mode on a retained basis! This project is ongoing and we expect to fill nearly 40+ roles this year with this one client given how perfectly our business models align, we have been able to deliver​Thus far in 2018 we have worked closely with a number of small to mid sized organizations (20-200 employees) on both Coasts undergoing large growth initiatives. Rapid growth is not uncommon for start-ups in this industry; these companies are primarily seeking analytical/AI talent, software engineers who are building their propriety platform and security professionals to advance the offerings. One interesting thing to note has been that security software engineers are receiving larger portions of equity given the impact their development of the platform will have on the multiplier attributed to the growth potential and in turn, value of the business.​For this type of endeavor we recommend a Multi-Hire Campaign (MHC) as we are able to best align our services with a companies specific and often urgent needs directly impacting our clients’ growth through an all-encompassing recruitment solution.​Many of our institutional clients are entirely revamping their security business units given the ever-changing nature of the available technology within the industry. As a result, we have staffed multiple senior, CISO/Strategic Leaders for our end-user clients whom will drive the growth initiatives going forward in 2018 and years to come. ​Mergers & AcquisitionsOur final cybersecurity market trend we wanted to highlight in this report corroborates the above with respect to focus and attention on new, cutting-edge, AI-driven threat management platforms. Security Vendors are being acquired by the big Tech Giants and large cyber players. The options are narrowing and the solutions are becoming far more comprehensive and integrated. Recent examples of this include: SQRRL were acquired by Amazon for $40 million; Phantom Cyber is being acquired by Splunk for $350 million; and CloudLock is bought by Cisco for $293 million. This showcases that the big-players are aware of the trends outlined above and are looking to eat up the market share and gain control of the growth and opportunity that is ravishing the emerging technologies marketplace. ​Diversity & InclusionDiversity and Inclusion awareness is at an all time high in the technology industry, with female representation and wage parity dominating the headlines. At Glocomms we find that identifying good practice, policies and initiatives to improve workforce diversity and inclusion are paramount for our clients. Throughout 2018, alongside our parent company, Phaidon International, we will be running a number of positive, action-orientated client events with relevant guest speakers and industry experts. The common themes of these initiatives will be to share pragmatic and proven successful practices that can tangibly improve diversity and inclusion within the workplace. By doing so our valued clients can enhance their access to wider talent pools for their meritocratic workplaces.​In relation to Cybersecurity – this is one of the most homogenized verticals within the technology arena and female-talent is highly scrutinized for being absent. Males hold 3 out of 4 jobs in tech, but specifically within cybersecurity, the numbers reflect that only 14% of the U.S. workforce in cybersecurity is female. [1] However, out of all of the areas within technology, we believe that Cybersecurity is the field that truly needs a diverse talent pool.​Working in Cybersecurity involves dealing with hugely complex issues and problems – teams need diversity so that problems are attacked with different viewpoints. At Glocomms we focus heavily on sourcing diverse talent within this field and working closely with our clients in creating a work environment to allow such talent to excel in their careers. In the past six months, 24% of the placements we have made in the Cybersecurity field are female. Whilst we still have a long way to go we are dedicated to doing our part to empower females to succeed in the industry.​In addition to females, Glocomms is committed to contributing to and being the driving force of change across all marginalized groups with respect to Diversity and Inclusion. Most recently, on March 24th, Glocomms was a sponsor for the second annual Out in Tech Talks[2], an event that united 400+ leading and aspiring LGBTQ+ and allied voices to advance the dialogue around diversity in tech and address the power of tech to create social change. It was an incredible event, showcasing the progress achieved while illuminating the massive amount of work left to do in reshaping the industry. Impressive panels included the leaders in Diversity and Inclusion at Amazon, Linked in and Youtube, an MD/Business Leader for the Cybersecurity business at a Leading Global Investment Bank and our own Executive Director at Glocomms.​Closing ThoughtsThis report was written and prepared by Giancarlo Hirsch, Vice President at Glocomms and accurate as of March 2018.​Glocomms has offices in NY and SF and is looking to launch offices in Boston, Chicago, Dallas and Charlotte in the coming 18 months. For more information or to get in touch with the team at Glocomms, please do reach out to usa@glocomms.com!​-------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Find out how Glocomms can help you.

Read More
Cyber Security Talent Needed Amid Rising Cyber Threats Image
cyber-security

Cyber Security Talent Needed Amid Rising Cyber Threats

​​The cyber security industry is under mounting pressure. As cyber-attacks become more common and the amount of data stored online increases (not only in volume but also in sensitivity) most industries are naturally growing concerned at the exponential growth of cybercrime. A report from Ponemon Institute found that 47% of the 662 IT professionals questioned have experienced a cyber security breach within the last two years. These breaches took place in both the public and private sector across the globe.Cyber threats are occurring across the globe. One of the largest cyber security breaches of history occurred last year in theUS,when JPMorgan Chase fell victim tocybercrime. During this breach personal information such as the names, phone numbers and email addresses of 76 million households were acquired. In UK telecoms provider TalkTalk was hacked earlier this year, with bank details from thousands of customers being stolen. OKCoin, the world’s largest bitcoin exchange server, was also recently forced to suspend some of its services after experiencing a cyber attack from hackers.Such examples only further highlight the need for all businesses to strengthen their approach to cyber security, especially firms holding personal customer details. This has led to an increase in demand for cyber security professionals and a dramatic increase in opportunities available across several industries.A report recently released by the Identity Theft Resource Center (ITRC) revealed that the business sector has accounted for 16 million exposed records so far in 2015; the medical and healthcare sector is responsible for 120 million exposed records, and the government and military sectors are accountable for the loss of nearly 34 million records.As a result of these high-profile cases and alarming statistics, the same Ponemon report found that intelligence sharing is swiftly becoming a popular method to help fight off such malicious attacks. This practice involves vendors, industry groups and peer-to-peer exchange programs sharing the information they have available with one another in an open and collaborative environment.The majority of respondents said vendors were their main source of information on cyber security threats (61%), followed by peers from other companies (56%). Both platforms act as a key source of information on malicious IP addresses and URLs.However, the ever-evolving nature of IT and cyber security means information often comes with a very short shelf-life; threats are often replaced with new threats almost immediately – 60% of respondents said some information loses its usefulness within minutes. Yet, very few IT professionals receive security threat information in real-time.This is where the cloud could benefitITprofessionals. Just as employees are utilising mobile devices and the cloud to access business information and systems, IT security professionals could also be looking to this platform to access threat details. Wolfgang Kandek, the Chief Technology Officer for Qualys, has noted that moving away from traditional enterprise systems and into the cloud will allow security professionals to respond quickly and in the most effective and appropriate manner possible.The 2015 Global Cyber security Status report from the ISACA states that, come 2020 there will be 1.5 million unfilled cyber security roles across the globe. In order to meet these changing demands, the Asian market is investing heavily in cyber security practices and education. The US, on the other hand, is suffering from a severe lack of cyber security talent, particularly at the mid-senior level.This is driving up salaries for CISOs (Chief Information Security Officers) who have a successful track record of implementing proven policies and procedures and building successful teams. It’s also driving demand for the security consulting market, which is now worth over $15 billion dollars and saw year-on-year growth of almost 10% in 2015. This market is dominated by Deloitte, IBM and EY.The cyber security market is estimated to grow to $170 billion (USD) by 2020, at a Compound Annual Growth Rate (CAGR) of 9.8% from 2015 to 2020, according to a report from Markets and Markets. So how can businesses address the cyber security skills gap? Should talent be sourced from outside the industry and transferable skills given prominence, or should appropriate training, coaching and education be put in place within anorganizationfor talent to be trained internally from junior level? Even with a combination of these two approaches, is it a case that no matter how well prepared anorganizationis, the hackers and criminals will always be one step ahead?If you’re struggling to find the talent needed to meet cyber security needs, or are seeking new opportunities in the sector,contact the Glocomms team today.--------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that therecruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Find out how Glocomms can help you.

Read More
Cyber threats in the aviation, aerospace and defense sectors Image
cyber-security

Cyber threats in the aviation, aerospace and defense sectors

​Cyber security is a rising concern across a number of industries but, for some sectors, such as aviation, aerospace and defence, cyber attacks pose potentially disastrous ramifications. As a result, groups such as airlines and aircraft manufacturers are collaborating to tackle this emerging threat, head on.Cyber attacks on the riseThe Director of Strategy & Safety Management at the European Aviation Safety Agency (EASA) has revealed that aviation systems are on the receiving end of thousands of attacks each month.The areas most vulnerable to attack are the connective communication systems between the plane and the ground, which transmit flight information, and on-the-ground networks.In June 2015 a cyber security breach took down the flight plan system of 10 planes for around five hours. This DDoS attack grounded nearly 1,500 passengers.Growth in areas such as the Internet of Things has increased awareness of risk in the sector as a new breed of threat is beginning to emerge. Director of Cyber Security at Israel’s Institute for National Security Studies,Dr.Gabi Siboni, commented: “The next 9/11 will be caused by computer hackers infiltrating aircraft controls”.An industry on the defenceSITA’s 2016 Airline IT Trends Survey revealed that 9% of airlines plan to invest in cyber security in the next three years, with 72% of the 200 airlines surveyed already investing in cyber security projects.The US launched the Aviation Information Sharing and Analysis Center (A-ISAC) in 2014. The A-ISAC includes input from airlines and security agencies, including Boeing, the NSA, the FBI, and the CIA. As of yet, Europe does not have a major presence in this collaborative project – the only European members are Airbus and Lufthansa.Europe’s cyber security defendersThe European Centre for Cyber Security in Aviation (ECCSA) has been set up by the European Aviation Safety Agency (EASA). The ECCSA boasts an Aviation Computer Emergency Response Team (AV-CERT) that helps analyse cyber threats to better understand their origins and identify security flaws, and which could help work towards technical solutions and create best practice guidelines to tackle the issue.The job marketDue to the rising threat and awareness in the industry, there is a clear shortage of experienced cyber security professionals. According to recent figures, there are only enough active candidates in this sector to fill 31.6% of opportunities. This is not endemic to the UK; Israel has 28.4%, Germany 35%, France 38.6%, the US 66.7%, and Canada 68.1%.Globally, we now need more cyber security professionals in order to protect ourselves from cyber threats.Economist MarianoMamertinocommented: “The problem is fast approaching crisis point and British businesses will inevitably be put at risk if they can’t find the expertise they need to mitigate the threat. “This should serve as a wake-up call to Britain’s tech sector – it must pull together to [...] attract more people into cyber security roles.”Cyber security candidates from outside the aviation industry will find it relatively easy to transfer across to aviation. Here at Glocomms, we specialise in recruiting across Connective Technology roles, over the last 6 months we have noticed the increasing demand for network security engineers, security architects and security analysts in the sector.We work closely with clients with in the sector to monitor and track the best talent in the market. If you are a cyber security expert searching for your next step, or you’re looking to bolster your cyber security team over the next few months, get in touch today.  ​-------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Find out how Glocomms can help you.

Read More
Cybersecurity Salaries are on the Rise - Are you Ready? Image
cyber-security

Cybersecurity Salaries are on the Rise - Are you Ready?

​Do you have a strategy for attracting IT security talent in the next few years? This is a field in which demand is far outstripping supply and leaving positions vacant can have serious consequences. How will you attract and retain experienced professionals?According to a recent survey by Intel Security and Vanson Bourne, there are 209,000 unfilled security jobs in the US. Globally, there will be a 1-2 million shortfall in skilled workers in the field by 2019. Almost three quarters (71%) of large organizations questioned in the survey said this skills shortage left them vulnerable to cyberattacks.The rising threat: cyberattacksEvery organization is a potential cyber victim. A study by Forrester Research in 2015 found that 60% of brands experienced a breach of sensitive data that year. High-profile targets such as UPS, JP Morgan Chase, Sony, Experian and even the FBI have suffered considerable financial and reputational damage as a result of a successful attack.A recent Ponemon investigation found that the average cost of a breach is $3.8 million; a rise of 23% since 2013. For criminals, the possible rewards are huge. According to the 2016 Trustwave Global Security Report, a hacker investing $5,900 in a malware infection campaign could realise a 1,425% return on investment within 30 days, earning $84,100 as a result of the scam.With claims that nation states such as China and Russia are sponsoring security breaches, cybercrime is a threat that is not going to abate any time soon.Why cybersecurity should be on your C-suite agendaCybersecurity is becoming a more pressing topic for the C-suite. Installing a high quality firewall and antivirus software package is no longer enough; executives should be actively involved in developing cybersecurity strategies that focus on long-term proactivity, not short-term defensiveness.  A government committee in the UK has even gone so far as to propose that CEOs and senior executives should be subject to fines and custodial sentences if found negligent on cybersecurity.Worryingly, many senior teams still fail to grasp the importance of cybersecurity to business success. A 2014 survey found that around 33% of management boards received no regular reports about cybersecurity at all.[vi]Frequently, where security is found to be lacking an organization provides funding for short-term fixes rather than committing resource to a holistic, long-term strategy.The shortage of cybersecurity professionalsThe availability of experienced specialists is reaching crisis levels. Among security professionals, 23% said the lack of talent in this area is the biggest challenge facing the IT industry; 12% of all IT professionals agree.A recent Intel report found that 82% of organizations in the US, UK, Japan, Israel, Germany, France and Australia are experiencing a shortage of skilled workers in cybersecurity; 53% of organizations said recruitment difficulties were worse in this field than for other IT roles. Intrusion detection, attack mitigation and software development were the areas with the most severe shortage of eligible candidates.According to data from the Bureau of Labor Statistics, the challenge is set to increase: demand for cybersecurity professionals is predicted to grow 53% over the next two years.New graduates cannot simply fill these roles because only 23% of organizations see educational programs as giving candidates the skills they need to enter the industry.Hands-on experience and professional certification are valued much more, but these take time to acquire.How can you attract good recruits?In this competitive recruitment environment, what can you do to secure top talent? Unsurprisingly, pay is a major draw for promising professionals; the average compensation for an information security manager grew by around 6.4% in 2015-16.The US national average salary of a cybersecurity specialist with three or more years’ experience is $99,000. With five years’ experience, the average salary rises to $118,000.A substantial 80% of security professionals said a salary increase could persuade them to move to a new employer. This reflects a widely-held belief that despite mounting workloads, pay is not keeping up with the value they contribute to an organization; 61% of security professionals believe their salary is falling behind business growth and demands, compared to 55% among other IT professionals.How can you retain top talent?With unemployment rates among this group approaching zero, there are plenty of businesses out there looking to poach dissatisfied employees from their competitors; 74% of cybersecurity professionals have been targeted by head hunters in the last year.In terms of retention, focusing on job satisfaction and workload might help to keep good employees. The shortage of skilled professionals means there is more pressure on existing workers; 60% of cybersecurity professionals say they expect their workloads to increase in the next 12 months.If you pile the work up too high, your valued employee could simply move elsewhere.Contact Us to find out how Glocomms can help you.------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Get in touch today to see how Glocomms can help you.

Read More
The Cyber Security Challenge Image
cyber-security

The Cyber Security Challenge

​Reports indicate that the cyber security market is due to dramatically expand in the following few years, with new technologies emerging and the need for such technologies increasing.The proliferation of connected devices, services like the Cloud and bring-your-own-device (BYOD) practices means that the threat of cyber-attack is now growing faster than ever and, as a result, there is expected to be a boom in the cyber security industry.According to a MarketsandMarkets industry report, the cyber security market will increase from the $106.32 billion it is worth today, to $170.21 billion by 2020, at a compound annual growth rate (CAGR) of 9.8%.Worldwide governments are makingcyber securitya key political focus. The US is currently leading the way, according toLarnoLimnell writing for the International Business Times. “Most countries have cyber strategies on paper, but public discussion of policy and doctrinal levels and practical measures are not as mature as they are in the US,” he suggests.Europe has recognised this discrepancy, however; the European Commission, the European Council and the European Parliament have been working together to update and supersede the existing EU Directive in order to bring it in line with the recent advances in technology. “The objective is to issue a final proposed comprehensive regulation for the EU by the end of 2015, with final approval and adoption thereof to occur by the Spring of 2016,” said Stephen Jett from Taft Stettinius & Hollister LLP writing for Lexology.com.Indeed, the government’s role in combattingcyber attacksis a critical one, according to new research by Intel Security. The study of 625 IT decision makers from the finance, energy, transport and government sectors in Germany, France, the UK and the US found that 86% felt cooperation between the public and private sectors was vital for protecting cyber infrastructure.However, while the growth of this market is inevitable, more discussions need to take place regarding exactly what cyber security is and what it entails.Experts have spoken out about the emergence of the market and claim that professionals within the industry, and those looking to enter it, need to begin training in all areas of cyber security as early as possible.Discussing the sector, Gary Hayslip, the CIO for the City of San Diego, commented: “You talk to people, they think cyber is one thing, and it’s not.” It is this misunderstanding of the concept and market that requires more clarity. Linda Brent, the CEO for ASTA Group, expanded on this, stating that Cyber security can be considered to be “everything from artificial limbs to unmanned systems that are small enough to hold in your hand to the training and education of the workforce.”This training and education should start at the most basic level – in schools. Many professionals are encouraging the integration of Science and Technology programmes, so future generations will already have a sound grasp of cyber security and what it entails by the time they enter the workforce.This needs coordination between institutions - unless there is a unified understanding of the risks, challenges and learning opportunities then, any training provided is likely to be ineffective.Since higher education institutions are notoriously slow at updating their curriculum, this is presenting a significant challenge. Headway is being made in some regards, for example, women are being encouraged to enter into the cyber security industry thanks to a new training initiative from Cybrary and the Women in Technology (WIT) Association. However, it is vital that consolidated training opportunities be made far more widely available, as soon as possible.The Wall Street Journal has also recently reported that it’s not just schools and education institutions looking to improve awareness of cyber security; executive boards for high-profile businesses are also looking to improve their knowledge of the sector, so they are better informed should a cyber-attack occur. High-profile professionals are beginning to understand the significance of knowing where cyber security threats are coming from, how they are rectified and if enough is being done to challenge these attacks.As awareness of the cyber security space increases, so too are jobs in the sector. For information on opportunities in the industry – whether you are a potential candidate or looking to hire – contact us here.-----------------About GlocommsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in SanFrancisco, New York, London and Berlin.

Read More

Looking for something specific?

View more blogs