Cyber Security

Cyber Security

Glocomms: A Specialist Cyber Security Talent Partner

Glocomms operates in the Cyber Security sector, a crucial domain as the need for adept professionals escalates in companies of all sizes. The UK, a hotspot for Cyber Security expertise, is experiencing a growing demand for these roles, underscored by an expanding skills shortage.

Predictions suggest that the number of open Cyber Security roles will only increase further, solidifying the value and longevity of these positions. The current shortage of skilled Cyber Security professionals in the EMEA region sits at 317,000, highlighting that demand continues to outstrip supply.

As specialists based in the City of London, Glocomms' consultants are committed to bridging this gap, sourcing top-tier talent for Cyber Security roles throughout the UK and Europe. Our services are dedicated to addressing this growing need, further securing the digital landscape for businesses across scales and sectors. Request a call back to hear more about our hiring solutions.

If you're a Cyber Security professional, please register your CV.

Register your CV

If you're looking for Cyber Security talent, please register your vacancy today.

Register your vacancy
or
Request a call back

Benefits of working with us

Our Cyber Security talent specialists help growing technology businesses source the right go-to-market strategy talent, manage the recruitment process, and facilitate onboarding. With multi-lingual language support, we provide international recruitment expertise to secure business-critical talent across Europe.

Our recruitment benefits

Experience

We have a decade’s worth of Cyber Security experience as a leading technology talent partner.

Network

A vast, global network of the best, in-demand Cyber Security talent.

Knowledge

Our award-winning talent specialists offer bespoke, tailored guidance on the latest hiring trends.

At Glocomms, we are dedicated to cultivating enduring partnerships grounded in trust, honesty, and shared prosperity. Our commitment lies in delivering bespoke solutions that align with your unique business requirements and Cyber Security recruitment preferences. Whether you seek immediate placement for pivotal roles or aspire for long-term strategic talent acquisition solutions, our arsenal of resources and expertise ensures successful outcomes. Share your vacancy with us today.

Looking to hire? Request a call back

Cyber Security Jobs

At Glocomms, we're excited about the future of Cyber Security. We encourage you to visit our Cyber Security Jobs to explore the cutting-edge roles we're filling in this transformative sector. Shape tomorrow's tech world with us; your future begins at Glocomms.

Senior Cloud Security Analyst/Engineer

Locations: Philadelphia, PA Metropolitan Area | Dallas, TX Hybrid (3 days on-site) Glocomms is partnered with an investment advisor looking to add a key member to their strong enterprise Vulnerability Management team. This Cloud Security Professional will play a critical role in ensuring the security and integrity of the firm's cloud-based systems. With a focus on vulnerability management, container security, and other related areas, the ideal candidate will have 5+ years of experience in cloud security and a strong understanding of cloud computing concepts and technologies. Responsibilities: Lead the design, implementation, and maintenance of security controls in cloud environments, with a focus on vulnerability management Conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks Implement and maintain container security best practices, including image scanning and runtime protection Develop and enforce security policies and procedures for cloud-based systems Collaborate with cross-functional teams to ensure security best practices are followed Stay up-to-date with the latest security trends and technologies Qualifications: Bachelor's degree in Computer Science, Information Security, or related field 5+ years of experience in cloud security, with hands-on experience in AWS or Azure Strong knowledge of vulnerability management tools (Aqua, Palo Alto Prisma, Wiz, CrowdStrike, Tenable Nessus, or Qualys preferred) Experience with container security best practices and tools, such as Docker, Kubernetes, and/or Twistlock Familiarity with security information and event management (SIEM) tools such as Splunk or ELK Stack Proficiency in scripting languages such as Python, PowerShell, or Bash for automation and tooling Experience with secure software development lifecycle (SDLC) practices and tools Knowledge of network security, encryption, and authentication protocols Certifications such as CISSP, CISM, or AWS Certified Security Specialty are a plus Excellent communication, leadership, and teamwork skills Candidates should be willing to work on-site in either Malvern, PA or Dallas, TX Tuesday through Thursday each week. This is an actively interviewing role; interested candidates should apply immediately.

US$140000 - US$180000 per year
Dallas
Apply

Senior Cloud Security Analyst/Engineer

Locations: Philadelphia, PA Metropolitan Area | Dallas, TX Hybrid (3 days on-site) Glocomms is partnered with an investment advisor looking to add a key member to their strong enterprise Vulnerability Management team. This Cloud Security Professional will play a critical role in ensuring the security and integrity of the firm's cloud-based systems. With a focus on vulnerability management, container security, and other related areas, the ideal candidate will have 5+ years of experience in cloud security and a strong understanding of cloud computing concepts and technologies. Responsibilities: Lead the design, implementation, and maintenance of security controls in cloud environments, with a focus on vulnerability management Conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks Implement and maintain container security best practices, including image scanning and runtime protection Develop and enforce security policies and procedures for cloud-based systems Collaborate with cross-functional teams to ensure security best practices are followed Stay up-to-date with the latest security trends and technologies Qualifications: Bachelor's degree in Computer Science, Information Security, or related field 5+ years of experience in cloud security, with hands-on experience in AWS or Azure Strong knowledge of vulnerability management tools (Aqua, Palo Alto Prisma, Wiz, CrowdStrike, Tenable Nessus, or Qualys preferred) Experience with container security best practices and tools, such as Docker, Kubernetes, and/or Twistlock Familiarity with security information and event management (SIEM) tools such as Splunk or ELK Stack Proficiency in scripting languages such as Python, PowerShell, or Bash for automation and tooling Experience with secure software development lifecycle (SDLC) practices and tools Knowledge of network security, encryption, and authentication protocols Certifications such as CISSP, CISM, or AWS Certified Security Specialty are a plus Excellent communication, leadership, and teamwork skills Candidates should be willing to work on-site in either Malvern, PA or Dallas, TX Tuesday through Thursday each week. This is an actively interviewing role; interested candidates should apply immediately.

US$140000 - US$180000 per year
Philadelphia
Apply

IAM Security Engineer

Remote (United States) Working Hours: Eastern/Central Time Zones Preferred A leading prop-trading firm is seeking an highly technical IAM Engineer to join a strong security team and lead the development of a greenfield IAM program. The ideal candidate will have a comprehensive understanding of IAM principles and practices, as well as the ability to identify and implement the most suitable IAM tools and solutions to meet our enterprise objectives. Key Responsibilities: Develop and implement an IAM strategy that aligns with enterprise objectives and ensures the security and privacy of our systems and data. Design and build IAM solutions that meet business requirements and comply with regulatory standards. Evaluate and select IAM tools and technologies that best fit the firm's needs, considering factors such as scalability, security, and cost-effectiveness. Examples include Okta, Azure Active Directory (AAD), Ping Identity, CyberArk, and Duo Security. Collaborate with cross-functional teams to integrate IAM solutions into existing systems and processes. Provide technical expertise and guidance to team members and stakeholders on IAM best practices and standards. Develop and maintain documentation related to IAM policies, procedures, and configurations. Stay current with industry trends and advancements in IAM technologies and practices. Qualifications: Bachelor's degree in Computer Science, Information Technology, or related field. Minimum of 5 years of experience in IAM engineering or a related field. Comprehensive understanding of IAM principles, practices, and technologies. Hands-on experience with IAM tools such as Okta, Azure Active Directory (AAD), Ping Identity, CyberArk, and Duo Security. Familiarity with at least one programming/scripting language (ie. Python). Strong knowledge of Windows OS required; additional Linux and/or MacOS experience preferred. Strong knowledge of regulatory standards related to IAM, such as GDPR, HIPAA, etc. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills. IAM certifications (e.g., CISSP, CISM, etc.) preferred. This is an actively interviewing role; interested candidates should apply immediately. Unfortunately the firm is not currently able to accommodate candidates who need visa sponsorship now or in the future (H1B, STEM OPT). This is a full time, direct hire position. No C2C/C2H. Resumes must include candidates' full names and contact information for consideration.

US$140000 - US$180000 per year
United States of America
Apply

Identity Governace & Administration Associate

Identity Governance & Administration Associate Location: Dallas, Tx - Hybrid (2 days on-site) Glocomms are partnered with a globally leading Investment Management firm in the search for an Identity Governance & Administration Associate/Lead to join their InfoSec team based in Dallas, Tx. The position requires experience in areas of Identity & Access Management, InfoSec, Compliance, Audit, and the hands-on use of Identity tools such as Saviynt. Key responsibilities include: Further develop the Access Management program and drive maturity. Identify new IAM tools to onboard. Conduct vendor assessments. Spearhead the Security Awareness Program. Act as a liaison between technical and non-technical teams. Be hands-on with Savyint whilst reviewing new tools to implement. Become well-versed with the firms identity and access structure and it's applications including include Microsoft Entra. Work with existing processes/systems whilst making constructive suggestions for improvements. Requirements Hands-on experience using Identity tools, most importantly Saviynt. Software programming or scripting experience in SQL, and understanding of how application run on the back-end. Ability to act as the conduit between data owners, system owners, and business managers to gather requirements. Ability to strategize with attention to detail. Excellent communication skills.

US$110000 - US$150000 per year
Dallas
Apply

IAM Architect - SailPoint

IAM Architect - (SailPoint) Paris, Ile-de-France Hybrid: 80% remote Start Date: 22/04/2024 TJM : 600-900€ Contract: 1 Year Project Customer Details Our customer is one of France's and the World's Biggest Financial Institutions, they have a big drive at the moment to grow and advance the level of Security around their Infrastructure with over 150,000 users globally. The customer has just had the green light to hire for a SailPoint Architect to join their project team to help push the project forward after a slow start in 2024. The customer offers a fantastic chance to work on the most up to date Security tools and the chance to be the first to touch the new releases in the space. Glocomms have worked closely with this customer for over 5 years and have been responsible for a number of key placements into their Infrastructure teams over the years and we have a fantastic relationship with them. Responsibilities Design and architect SailPoint IdentityIQ solutions to meet business requirements and ensure alignment with industry best practices. Lead and oversee the implementation of SailPoint IdentityIQ, including configuration, customization, and integration with other systems and applications. Work closely with stakeholders to gather requirements, analyze existing processes, and propose optimized solutions for identity and access management. Provide technical expertise and guidance to development teams during the implementation phase, ensuring adherence to architectural standards and security requirements. Conduct regular assessments of SailPoint implementation to identify areas for improvement, optimization, and risk mitigation. Collaborate with cross-functional teams to support ongoing operations, troubleshoot issues, and provide technical support for SailPoint IdentityIQ platform. Stay updated on latest trends and developments in identity and access management technologies, particularly within the SailPoint ecosystem. Get in touch james.evans(@)glocomms.com +44 203 758 8905 https://www.linkedin.com/in/jamesevansglocomms/

€600 - €900 per day
Paris
Apply

MD, Cyber Security & Risk Management Solution

Cyber Security & Risk Management Solution Location: Washington DC Compensation: $200,000 - $300,000 + commission Glocomms are partnered with a consulting firm based in the DC area in the search for a tenured professional with hands-on technical experience in the Cyber & InfoSec space, mainly focused around Cyber Risk, Threat Detection, IR, Forensics, and Compliance, who can join the firm with an existing book of business and a strong track record of hunting for and farming out accounts. The goal is to bring in clients who will use the business for Cyber Risk, Forensic, and Compliance focused work, and mainly partnering with financial services firms, law firms, accounting firms, etc. You will manage your own space and go-to-market strategy, and have ownership of your accounts. Key responsibilities/requirements: Develop and execute a strategic business development roadmap within the DC area and enhance your book of business. Identify and onboard new accounts who will utilize the firms Cyber & Information Security capabilities. Must have hands-on technical ability with conducting cyber forensic investigations, security posture reviews, threat detection and response, threat hunting, cyber risk, and/or InfoSec compliance. Cultivate strong relationships with small-mid sized companies who do not have an appetite for an in-house cyber security team nor the funding to utilize the more expensive vendors in the marketplace. Maintain a deep understanding of industry trends, competitive landscape, and regulatory requirements related to cybersecurity and encrypted messaging.

US$200000 - US$300000 per year
Washington
Apply

Identity Governance & Administration Associate

Identity Governance & Administration Associate Location: Dallas, Tx - Hybrid (2 days on-site) Glocomms are partnered with a globally leading Investment Management firm in the search for an Identity Governance & Administration Associate/Lead to join their InfoSec team based in Dallas, Tx. The position requires experience in areas of Identity & Access Management, InfoSec, Compliance, Audit, and the hands-on use of Identity tools such as Saviynt. Key responsibilities include: Further develop the Access Management program and drive maturity. Conduct vendor assessments. Spearhead the Security Awareness Program. Act as a liaison between technical and non-technical teams. Be hands-on with Savyint whilst reviewing new tools to implement. Become well-versed with the firms identity and access structure and it's applications including include Microsoft Entra. Work with existing processes/systems whilst making constructive suggestions for improvements. Requirements Hands-on experience using Identity tools, most importantly Saviynt. Software programming or scripting experience in SQL, and understanding of how application run on the back-end. Ability to act as the conduit between data owners, system owners, and business managers to gather requirements. Ability to strategize with attention to detail. Excellent communication skills.

US$110000 - US$150000 per year
Fort Worth
Apply

IAM Consultant - SailPoint

Level 3 IAM Engineer - (SailPoint) Paris, Ile-de-France Hybrid: 50% remote Start Date: 1st May 2024 Contract: 1 Year Project Customer Details Our customer is one of France's and the World's Biggest Financial Institutions, they have a big drive at the moment to grow and advance the level of Security around their Infrastructure with over 150,000 users globally. Due to upcoming projects and a lack of Senior internal staff, the customer is looking to the freelance market for IAM Developers experienced in SailPoint to come join their team in Paris. The customer offers a fantastic chance to work on the most up to date Security tools and the chance to be the first to touch the new releases in the space. Glocomms have worked closely with this customer for over 5 years and have been responsible for a number of key placements into their Infrastructure teams over the years and we have a fantastic relationship with them. Responsibilities The SailPoint solution has already been integrated into the infrastructure, so the main project work has been completed. Now the customer seeks a technical SailPoint Developer/Consultant to help maintain the existing solution. You will be working alongside another SailPoint Developer, a Business Analyst and a Tech Lead, where you will assist with any updates and general maintenance to the solution. Setting up user provisioning and deprovisioning processes, access policies, role definitions, and other configuration tasks. Ensuring that SailPoint implementations adhere to security and compliance requirements is a crucial responsibility. This includes implementing appropriate access controls, encryption mechanisms, and auditing capabilities to protect sensitive data and meet regulatory requirements. Working closely with the BA, you will assist in troubleshooting technical issues within the SailPoint platform and associated integrations. Proficiency in developing custom connectors, workflows, and integration components within SailPoint, including scripting with Java is a must. Get in touch today to find out more about this opportunity! Email your CV to: Sarah.murphy(@)Glocomms.com

€400 - €600 per day
Paris
Apply

Security Analyst

Security Analyst Manhattan, New York - English speaking (French is a HUGE bonus, but not essential) Hybrid Working in Manhattan - South of Central Park Start Date : 15/04/2024 (Can be flexible) Initial Contract until 31/12/24 with extensions to follow Hourly Rate : 50 - 80 USD$ Customer Details Our customer is one of France's Biggest Systems Integrators who have expanded into North America, they have a huge European presence and now have a team based locally in North America to be dedicated to supporting their US customers, mostly with European attachments. They are running a Managed Service for one of Europe's Biggest Banking Groups out of their NY Office and need the support of TWO contractors to help with the workload that has got bigger since the turn of the year. Given the nature of their business, should they be happy with the work you're doing, there is room for extension onto a different account once this assignment reaches it's conclusion. Glocomms has supported the customer in Europe for the last few years and we are supporting them in their expansion into North America! Job Details Security Analyst Primary responsibilities will include : Monitoring Security alerts, investigating potential security incidents and identifying abnormal activity in the customers environment, coordinating and executing incident response procedures. Documenting all incidents, conducting threat intelligence research, analysing data to identify potential security risks, performing vulnerability assessments. Help with the development and implementation of security policies, maintaining details records of incidents and working closely with stakeholders to address security concerns and to into security measures into the groups Operation practises. Technical Requirements : Experience with Security tools including : SIEM, IDS/IPS, Antivirus solutions. Experience with at least 2 of Microsoft Sentinel, Splunk, Cortex and at least two of SentinelOne, TrendMicro, Trellix, MS Defender and Crowdstrike. Relevant Certifications such as CISSP or CISM are a huge plus. Strong understanding of cybersecurity principles, threats, and best practices. Other Information : The customer has office locations all around the world, so you will be speaking with colleagues in Europe in the morning (hence why French is an asset) and colleagues in Asia at the end of the day. Fantastic chance to join a really exciting business in the heart of Manhattan! Get in Touch james.evans(@)glocomms.com +44 203 758 8905 https://www.linkedin.com/in/jamesevansglocomms/

US$50 - US$80 per hour
Manhattan
Apply

Lead Security Operations Engineer

A premier asset management firm in Dallas, TX is looking to bring on a Lead Security Operations Engineer to join their growing security operations team. This position will be a technology leader, platform and product owner, designing solutions, and leading implementation of the solution. Requirements - Experience with IT Infrastructure, Networking, Firewalls - Experience in Incident Response, Threat Hunting, Threat Analysis - Deep experience with vulnerability management - Experience in Access Management, Privileged Access Management (PAM) - Experience with Change Management, Configuration, and Documentation Preferred: - Financial Services industry regulatory knowledge Location: - Dallas, TX (Downtown, 2-3 days onsite) or Fully Remote (possible) Compensation - $140-160k base to the best candidate + 20% annual discretionary bonus If this sounds like an interesting fit for the next step in your career, please apply to the ad!

US$140000 - US$160000 per year + 20% annual bonus
Dallas
Apply

Firewall Engineer

A Growing and Dynamic IT organization is seeking a skilled Cybersecurity Firewall Engineer to join our team responsible for safeguarding Navy and Department of Defense (DOD) network environments. The ideal candidate will possess expertise in cybersecurity and information security, with specific proficiency in NexGen Firewall (NGFW) platforms, including Forcepoint and Palo Alto. Key Responsibilities: Firewall Administration and Security Compliance: Manage and maintain Forcepoint and Palo Alto firewalls, ensuring optimal security configurations and compliance with regulatory standards. Policy Audits: Conduct quarterly audits of firewall policies to assess adherence to established security protocols and standards. System Hardening Assessments: Perform routine assessments of system hardening practices, aligning with DOD security technical implementation guides (STIGs) to enhance network security. Information Assurance Compliance: Ensure maximum information assurance (IA) compliance of DOD Information Network (DODIN-N) systems, implementing measures to mitigate security risks and vulnerabilities. Qualifications and Certifications: Minimum of two years of progressive experience in cybersecurity and/or information security. Over five years of experience with NexGen Firewall (NGFW) platforms, specifically Forcepoint and Palo Alto. DoD 8570 Certification is mandatory. Active DoD Secret Clearance is required. Desirable Skills: Strong understanding of DoD and Navy Enterprise networks. Familiarity with cloud platforms such as Amazon Web Services (AWS) and Microsoft Azure. AWS certifications are considered a plus and may enhance candidacy. If interested, please apply in directly.

US$100000 - US$120000 per annum
Virginia Beach
Apply

IAM Developer

Senior IAM Developer Paris, Ile-de-France - French and English Speaking 50% Work on-site Start Date : April 2024 12-Month Contract - Project up to 3 Years Customer Details Our customer is one of France's and the World's Biggest Financial Institutions, they have a big drive at the moment to grow and advance the level of Security around their Infrastructure with over 150,000 users globally. Due to upcoming projects and a lack of Senior internal staff, the customer is looking to the freelance market for IAM Developers experienced in SailPoint and/or ForgeRock. The customer offers a fantastic chance to work on the most up to date Security tools and the chance to be the first to touch the new releases in the space. Glocomms have worked closely with this customer for over 7 years and have been responsible for a number of key placements into their Infrastructure teams over the years and we have a fantastic relationship with them. Job Title: Senior IAM Developer (SailPoint and/or ForgeRock) Overview: We are seeking talented IAM Developers with expertise in SailPoint and/or ForgeRock to join our customer's dynamic team. The ideal candidate will play a crucial role in designing, developing, and implementing IAM solutions to meet the identity and access management needs of the organisation. This position offers an exciting opportunity to work with cutting-edge technologies and contribute to the enhancement of our IAM infrastructure. Responsibilities: Solution Design: Collaborate with IAM architects and business analysts to design IAM solutions that align with organisational objectives and security requirements. Development: Develop custom solutions, connectors, and integrations within the SailPoint and/or ForgeRock IAM platforms to meet specific business requirements. Customisation: Customise and extend IAM functionalities, workflows, and user interfaces to enhance usability, automation, and efficiency. Integration: Integrate IAM systems with other enterprise applications, directories, and identity sources using APIs, connectors, and identity federation protocols. Scripting and Automation: Write scripts, workflows, and automation routines to streamline IAM processes such as user provisioning, de-provisioning, and access requests. Identity Lifecycle Management: Implement and optimise identity lifecycle management processes, including user onboarding, offboarding, and role-based access control. Policy Enforcement: Develop and enforce access control policies, authentication mechanisms, and authorisation rules to ensure compliance and security. Troubleshooting and Support: Provide technical support and troubleshooting assistance to resolve issues related to IAM systems, integrations, and customisation's. Documentation: Create comprehensive technical documentation, including design documents, configuration guides, and code repositories, to support IAM implementations and operations. Security Compliance: Ensure that IAM solutions and configurations comply with security standards, regulatory requirements, and industry best practices. Qualifications: Bachelor's degree in Computer Science, Information Technology, or related field. Proven experience (+5 years) as a developer specialising in Identity and Access Management. Hands-on experience with IAM platforms such as SailPoint and/or ForgeRock is required. Proficiency in programming languages such as Java, JavaScript, PowerShell, or Python. Strong understanding of identity management concepts, authentication mechanisms, and access control models. Experience with IAM protocols and standards such as SAML, OAuth, LDAP, and SCIM. Excellent problem-solving skills and the ability to analyse complex technical issues. Strong communication and collaboration skills, with the ability to work effectively in a team environment. Relevant certifications such as SailPoint Certified IdentityIQ Engineer or ForgeRock Certified Identity Management Specialist are a plus. Get in touch today to find out more!

€500 - €700 per day
Paris
Apply

Cyber Security News & Insights

The Strategic Importance of Network Security: Beyond the Tech Image
cyber-security

The Strategic Importance of Network Security: Beyond the Tech

In today's digital era, where every facet of business is intricately intertwined with technology, network security is a growing concern. But while it's often pigeonholed as a purely technical issue, this viewpoint misses the broader implications. Network security is not only about firewalls, intrusion detection systems, and encryption; it's about strategy.A Strategic Defense against Cyber ThreatsHow we protect our data and systems from cyber threats is a direct reflection of our strategic priorities. The kind of security protocols you adopt, the technologies you embrace, and even the response mechanisms you have in place can shape the brand image and trustworthiness of your business in the eyes of your stakeholders.The Power of Cloud and Hybrid NetworksWith the increasing shift towards cloud and hybrid networks, businesses can no longer depend solely on traditional defense mechanisms. The strategic choice of leveraging cloud technologies requires an equally strategic approach to security. It's about seamlessly integrating on-premise infrastructures with cloud environments while ensuring that both are fortified against threats.Bridging the Network Security Skills GapThe technological landscape is constantly evolving, and with it comes new challenges. Our clients are increasingly looking for candidates with the skills needed for network automation to enhance performance, and tools like Terraform and Ansible to remain agile and efficient.However, there's a noticeable gap between demand and supply when it comes to expertise in these areas. Businesses are in dire need of professionals who can navigate the complex world of network security and automation.Connect with the Experts​Are these challenges affecting your hiring opportunities? Is the rapidly shifting landscape of network security causing uncertainties in your staffing needs?You're not alone. Many businesses are grappling with similar issues, and they require a strategic partner who understands both the technical and strategic dimensions of the domain.Reach out to James directly by completing the form below. Let us help you navigate these challenges and ensure that your network security strategy is robust, dynamic, and forward-thinking.Request a call back​

Read More
Hiring Cyber Security Talent Image
cyber-security

Hiring Cyber Security Talent

There are many verticals we specialize in here at Glocomms across the cyber security space, each with their own unique hiring trends. Here is a brief overview of some of the cyber security developments we are seeing across manufacturing, health technology, media & entertainment, and SaaS. ManufacturingCyber security is a fundamental challenge for any business leader, but manufacturing has officially overtaken financial services, healthcare, and insurance, to become the world’s most attacked sector[i], due to increases in reconnaissance targeting. As more supply chains and manufacturing facilities embrace digital software for efficiency reasons, there is the dual challenge of losing precious time to mitigating cyber-attacks. This presents the industry with an acute need for more cyber security professionals to prevent such attacks, but with a tight talent pool, competition for the best professionals is high. Europe’s automotive manufacturing and supply chain companies[ii]saw demand rising for cyber security professionals more than any other industry last year. This figure is compiled by GlobalData, whose thematic approach groups company activity to see which organizations can best weather disruptions and tackle issues “that keeps a CEO awake at night.” Health Technology The threat to healthcare and healthtech from cyber-attacks cannot be understated – 32% of healthcare security leaders said they had to divert patients to other providers after cyber-attacks, according to Imprivata’s report[iii], a digital identity company for life and mission-critical industries. ECRI[iv], a non-profit that focuses on healthcare technology and safety, also cites cloud security in its list of, ‘Top 10 Health Technology Hazards for 2023.’There is a greater need for cyber security professionals who can protect patient data as the healthcare industry becomes more reliant on technology. Medical institutions also need to create a culture of cyber security, to assist cyber experts when they come into the business. Media & EntertainmentYou may recall the leaking of the script for the James Bond movie ‘Spectre’[v], which highlighted how vulnerable the media & entertainment industry can be to cyber-attacks. Streaming services such as Netflix have also seen their own customer data breaches, with ransomware authors also becoming more adept at finding vulnerabilities, and thus exploiting them[vi]. So, how can the industry protect itself? Ultimately media & entertainment platforms need to invest in cyber software and professionals. Household names can utilize their brand power to attract talent and invest profits back into internships to enable new talent to enter the market in the future. Thinking long-term and planning for the talent of tomorrow is one strategy to future-proof an organization, because large-scale media & entertainment names cannot afford the reputable fallout of security breaches. SaaSThe popularity of Software-as-a-Service (SaaS) platforms is only going to grow, and the more applications an organization has in its tech stack, the greater the risk of cyber breaches. This means it is crucial to keep up with cyber security developments to maintain customer trust and platform integrity. According to Forbes[vii], “SaaS security is unique because of the velocity of new SaaS being adopted and the decentralized purchasing decision process. These two things combined break the traditional cybersecurity frameworks.”While business leaders and CISOs must adopt a risk mindset, whether working for a SaaS company or using one as a customer, the reality is that one way to mitigate cyber threats is to consider hazards outside of the software itself. Cyber experts can be employed to also educate users and have visibility over data transmissions. Often organizations are at the mercy of employees exposing information, therefore businesses must find talent that can not only lead it securely, but also has soft skills in teaching colleagues and training the wider organization on best practice. ​A number of industries are competing for the same cyber security talent. There are different push and pull factors dependent on the individual being hired, so a nuanced approach as opposed to a one-size-fits-all strategy will result in talent being more attracted to a business. To hire the best candidate for your open role, get in touch with Glocomms today. As a specialist talent partner in Technology, we have access to industry-leading talent around the world. Find the talent you need by submitting your vacancy, or request a call back to elevate your hiring process with the right talent partner today.

Read More
Cyber Security Talent Insights Image
cyber-security

Cyber Security Talent Insights

​​The cyber security market is predicted to grow to $266 billion by 2027, but with opportunity comes many risks, disruptions and challenges. With skilled business-critical cyber security professionals in high demand, companies must develop effective hiring solutions to capitalize on the market and protect their systems, networks, and data against cyber attacks and security breaches.In this report, our technology talent experts at Glocomms guide you through:Key trends in cyber security, from market risks to hiring approachesTop priorities for candidates in the cyber security fieldInsights from Katie Owston, Associate Vice President at GlocommsKey takeaways and recommendations for both hiring managers and professionalsDownload your copy of the 'Cyber Security Talent Insights' report by completing the form below:​​

Read More
Three IoT Cybersecurity Trends For 2019 Image
cyber-security

Three IoT Cybersecurity Trends For 2019

​As the world becomes more connected, the Internet of Things (IoT) continues to expand. Gartner forecasts that 14.2 billion connected things will be in use during 2019, rising to 25 billion by 2021.In the wake of this increased connectivity, cybersecurity breaches emerged as the #1 concern for US CEOs at this year’s World Economic Forum. Here, we explore three key cybersecurity trends impacting the IoT in 2019 and how they are shaping the labor market.The emergence of 5G5G is 2019’s hottest trend in IoT and its impact is expected to be huge. It has the potential to transfer higher volumes of data and connect to more devices up to 20 times faster than 4G. By 2020, Gartner forecasts that 60% of organizations plan to deploy 5G, while Ericsson’s 2018 Mobility Report predicts that by 2025 1.5 billion of us will be connected to 5G. While 5G will integrate the Internet of Things more deeply into our lives and open up numerous possibilities for consumers and businesses, it brings with it a much higher cyber security threat. A world that is almost entirely connected means organizations will be exposed to significant new cyber risks that businesses must be prepared for. IIoT : Industrial Internet of ThingsThe Industrial Internet of Things, or IIoT, refers to billions of industrial devices connected to wireless networks which collect and distribute data across industries as diverse as healthcare, utilities and transportation. This gathered data is analyzed to improve businesses processes and productivity to enable faster and more accurate decision making. The IIoT protects the critical infrastructure and systems we rely on and may take for granted in our day-to-day lives.A broader base of assets connected to more diverse systems and devices offers more points of entry for a potential breach and industries must rethink its security. System failures in the IIoT can have high risk consequences and without effective protection serious disruption can occur. The emergence of 5G will also have an impact on the IIoT. 5G enabled devices will require a new level of cybersecurity to protect infrastructures, with denial of service attacks (DOS) becoming a significant concern. For instance, in March 2019, a cyber disruption to the US grid reported by the Department of Energy involved a "denial of service condition" at a Western utility.IoMT – (Internet of Medical Things)​Emerging technologies are transforming the healthcare sector. Connected medical devices gather vital data to provide insights into patient symptoms, enable remote care and improve treatment. However, healthcare remains a vulnerable area in cybersecurity.The cost of data breaches in the IoMT are among the highest across all sectors, yet many healthcare facilities still rely on outdated operating systems. 4.4 million patient records were breached in Q3 alone in 2018, highlighting the need for extreme precautions.Again, 5G will have a far-reaching impact on the IoMT, with the increased connectivity substantially raising the potential for data breaches.The cybersecurity skills shortageThe rise of the IoT and the investment in 5G technology are putting immense pressure on demand for cybersecurity talent. An estimated 2.93 million cybersecurity positions globally are currently unfilled. A staggering 500,000 of those are located in the US.At the same time, while jobs postings for cybersecurity roles are up, applications have fallen.In the longer-term, 5G technology is expected to create an estimated 22 million jobs by 2035, requiring skills that people don’t yet have and placing more pressure on a jobs market struggling to keep pace with demand.Without a seamless and effective hiring process, organizations simply don’t have the capability to develop effective security procedures to both detect and prevent cyberattacks and protect vital data.Glocomms has recognized a tremendous opportunity in the emergence of 5G and the increasing reliance on IoT in our everyday lives.Given this market knowledge, we have developed a recruitment practice focused exclusively on networking and building a talent pool within IoT and IoT security. Having built relationships with some of the world’s premier IoT, IIoT and IoMT vendors, Glocomms continues to establish itself as a major provider of talent in a very niche and undersupplied IoT talent market. With lines of business that cover everything from Sales and Marketing, Product Management/Development, Software Development & R&D, Data Science & Engineering, and Cyber Engineering & Operations, we can confidently address the needs of any growing IoT vendor across their product development lifecycle. We work closely with vendors as they build and deploy their products and services, from early stage and greenfield organizations to companies looking to ramp up their sales and marketing teams and ensure their products and solutions reach the doorstep of every potential customer.Regardless of your business growth needs, we’ve got you covered!For more information about how to reach one of our specialized IoT recruitment consultants, or to learn how our business can become an extension of yours in finding that tough to reach IoT talent, contact us today.

Read More
How to Get Ahead in Cybersecurity Image
cyber-security

How to Get Ahead in Cybersecurity

​A career in cybersecurity is one of the most sought after in the tech field and can be a fulfilling and lucrative option for talented and ambitious professionals. Cybersecurity experts play a vital role in keeping their employers and their customers safe while online. But to succeed requires specific qualifications and experience.Here we take a look at how to get ahead in this rewarding field.Where are the jobs?In short, everywhere.From American universities to British Airways and Facebook, hackers have caused havoc for employers throughout 2018. No sector or organization is immune. By 2021 it’s predicted that at current levels of rising demand versus expected candidate availability, there could be a staggering 3.5 million open jobs in cybersecurity.Cybersecurity talent is sought after around the globe but in particular:In the UK and Europe, the introduction of the EU’s GDPR (General Data Protection Regulation) more than tripled demand for cybersecurity professionals in 2018. The GDPR is also expected to be one of the top cybersecurity concerns for employers in 2019.Australian and Canadian employers are experiencing serious national skills shortages in the sector.A 28% growth in cybersecurity jobs is predicted from 2016 to 2026 in the US.What about the gender gap?The gender gap is real and not predicted to close any time soon.  Females are underrepresented in the cybersecurity sector. It is estimated that around 20% of cybersecurity professionals are women but some studies suggest a much lower figure. Deloitte’s global Women in Cyber initiative launched in July 2018 to address this issue and encourage more females to explore a career in the sector. If you’re considering that option, this initiative offers real-life insight from women working in the sector, including advice on how to build a career in cyber, the potential challenges and the skills needed to succeed.A lucrative careerDemand is pushing up average salaries for cybersecurity professionals, which stands at around c$117,000. Pay for entry level jobs is also soaring. Graduate roles in the US now attract salaries of close to $100,000 per annum, more than in any other sector. Your salary will depend on your level of expertise and experience – and the specific requirements of a prospective employer. Speak to your recruiter for more detailed advice.A career with securityLike most of the tech sector, cybersecurity is one of the most reliable professions for long-term job security. The role of Cybersecurity Engineer is predicted to become the most in-demand tech job in 2019 but opportunities are varied and numerous. Other roles include security engineer, security analyst, penetration tester, and cryptographer. The emerging role of Chief Cybercrime Officer may also become critical to larger organizations in 2019 as data hacks are expected to rise.The key to success is to stay on top of current trends and develop the skillsets that make you more valuable to employers.  As well as the GDPR, research suggests that the top cybersecurity concerns for businesses in 2019 including phishing, ransomware, the cloud and cryptocurrency mining.Have you got what it takes to succeed?If you’re considering a career in this specialist sector, or seeking your next career move, here’s our advice:A bachelor’s degree in cybersecurity or another field of computer science is essential for most employers. Many cybersecurity professionals move from traditional tech roles, such as systems administrator into more specialized positions through additional training.For entry level candidates, deciding on your specialization can help to make you more attractive to businesses.Ensure you constantly refresh your skills and invest in your future. Tech is rapidly changing and new skillsets are required constantly.For professionals looking for a leadership role, the same advice applies. Stay ahead of trends in the sector and work on the skills that are needed for your next career move. Acquire the most relevant certifications and training, through online courses or a master’s degree for example.Networking should be an ongoing strategy to help you to fulfill your long-term career goals. Keep your LinkedIn profile up to date and build professional relationships with people in your field.Speak to a specialist recruiter who knows your sector inside out and is ideally positioned to advise on your next career move.Working with a specialist recruiter like those at Glocomms, can help understand your career options within cybersecurity and make sure you secure a job that is a perfect fit for you. To learn more, get in touch with Glocomms today.​

Read More
Cybersecurity Market Update Image
cyber-security

Cybersecurity Market Update

​Glocomms' insight on the 2018 Cybersecurity Landscape Across the End-User and Vendor ArenasIntroductionGlocomms was founded on the premise of Cybersecurity becoming the most in-demand and integral part of technology across all industries. In 2017, we saw a multitude of high-profile cyberattacks targeting various companies including Uber, Deloitte and Equifax with the most prominent attacks being WannaCry and Petya. Given the visibility on the cybersecurity market, Glocomms expects to see a large focus on hiring resources and talent to develop and elaborate the hardening of security practices. Such developments include in-house security operation centers (SOC), increased spending on the most innovative threat intelligence products and AI talent and the adoption of automation and cloud security practices in order to properly protect customer and employee data.​The consequences of insufficient security and data protection were recently highlighted by Facebook stocks sliding nearly 15% in a 36-hour window, off the back of an exposed global data breach. Such high profile examples prove that Cybersecurity has the attention of the global media platform and consequently, the market is tightening as the need for remediation in real-time is becoming absolutely imperative.​In order to provide this level of service on a 24x7x365, vendors and end users are adopting advanced solutions. The two main trends we have seen in the first quarter of 2018 have been the integration of Artificial Intelligence & Data Science coupled with the need for Automation & Cloud Security. ​AI/Data Science & Cloud AutomationOur recruitment business gives us a unique look into these trends, as our business model is comprised of two main pillars of focus: Cybersecurity and AI/Data Science. We see the perspective of urgent needs for specific skillsets, as well as the perspective of building expertise through seeking new challenges and career options through working with stealth-mode to IPO vendors as well as the world’s largest global end-users.​When considering the impact AI can have on Cyber, it is clear why artificial intelligence, machine learning and data science will have a huge impact on the ability for software to be able to detect and remediate intrusions and vulnerabilities. Nonetheless, it is who brings the expertise that affects how analytics will impact the industry given these will be the individuals building models to analyze and make sense of the data.​In order to understand the talent pool, we need to understand what motivates individuals to bring their experience to the cybersecurity industry. Most frequently, we see these professionals are motivated by the exposure to working with novel, proprietary, and in this case, unknown data. Additionally, not only the access and exposure to the data is compelling, but also the advanced decision making predictable by the data that draws this talent into the industry.​We have also seen increased attention on the automation and acceptance of risk adverse cloud usage cases, the adoption of MSSP’s that offer integrated threat analytics/ threat management solutions, and new industry trends that dive deeper into the impact AI can have on this ever-changing landscape across the vendor and end-user arenas.​Artificial intelligence, machine learning and data science are being leveraged in a variety of ways and can be exhibited by the huge influx of neural network and deep learning talent transition into the threat analytics arena. Given the sheer magnitude and significance of personal information embedded within the data across industries such as healthcare, financial services and commerce, it is no surprise that data scientists are excited about an opportunity to advance security solutions and play an impactful role on the business/product at large. We know from speaking to these professionals that it is the access and exposure to novel and unique data across the abovementioned industries that drive and motivate their career interests.​Given that Data Science/AI & Cybersecurity are the two focal points of our Glocomms business, it is exciting to see the transfusion of these emerging technology industries shaping the future of the entire technology landscape across all industries.​Investment BanksCloud security is currently the hottest trend from an end-user perspective. This trend is clear, given the activity we have seen across the finance industry as they move towards the adoption of specific usage cases for the various open source cloud platforms. This is exciting because these have historically been some of the most proprietarily kept platforms in the world – some banks even used proprietary coding languages to build their platform! In order to be comfortable with these offerings, the institutions now need to put together documentation on the risk assessments attributed to such solutions. Once these frameworks and usage-cases are clearly determined and outlined, offerings will begin to spread across more and more business units. Currently, large asset managers and global investment banks offer their clients a commercialized version of their front-office risk systems but this is only one portion of what the cross-business platform has to offer.​The next step will be providing an integrated and secure cloud-based solution across all layers of the risk management platforms that each of the various firms offer. Some banks are in the midst of developing a similar type of cross-business platform and although they may be scrutinized for their late-arrival to the party, it might work to their advantage given the new technology currently available because having an opportunity to build a platform from scratch using the latest and greatest products for hardening security layers and adopting cloud offerings allows for a more integrated and theoretically, hardened solution! It seems cloud security will be at the top of the list for most in-demand and least- attainable skill sets in 2018. This has already been evident given the vast hiring and increased compensation bands for cloud security professionals across the end-user arena. We believe the reason for this is these professional all need to not only bring the expert technical skills to the table, but also need to be able to communicate internally and externally with key stakeholders around usage cases for cloud offerings.​Buy-Side PerspectiveFrom a Buy-Side perspective, we have seen large global hedge fund clients looking to hire Encryption Engineers to build proprietary security layers into their existing infrastructure (often cloud-based). This is an obvious step in the right direction, given in the past it seemed many funds were scared by the prospects of putting their ‘secret sauce’ out in the cloud. Additionally, we have seen vast hiring across the Security Incident Event Management (SIEM) arena, most of whom, seem to be moving to Splunk given the versatility of the product. This is also consistent with what we have seen in Investment Banks this year.​From a recruitment standpoint, we see a huge amount of potential on the buy-side in 2018 and expect to see talents being directly targeted from the tech giants as these are the professionals with the most amount of exposure to novel data with the best skillsets for architectural remediation and hardening. ​Vendor PerspectiveAs the vendors continue to offer more and more comprehensive and integrated analytical solutions, the need to stay on top of the market and hire professionals that have experience with the most cutting-edge products becomes even more imperative. We have seen massive hiring across the vendor arena given the influx of investment and the urgent need for this analytical talent. The data being analyzed is ever-increasing and the adoption of AI is not quite keeping up with the workload for the SOC. Thus, we have still seen a steady stream of hiring within these types of positions including: threat hunters, incident responders and security engineers. Not only the vendors are hiring these professionals across the mid-senior level, but also the end-users are building their own in-house SOC’s to reinforce internal security measures creating more intelligent solutions on the network to detect vulnerabilities more quickly and readily. We have seen a large increase this year of around 20% higher than the industry standard this year in the compensation bands for someone with 3-5 years of experience with the abovementioned skills.​Glocomms’ cybersecurity recruitment practice is broken down across the vendor and end-user arenas as we have a commercial practice that offers talent solutions for our vendors across the entire product development lifecycle.As mentioned above, the adoption of intelligent threat hunting, incident response and vulnerability management has been clearly exhibited in a hiring trend of AI talent into the vendor and MSSP arena. ​Candidate TrendsAn interesting trend to note has been the movement of security professionals from the defense industry transition and partner with the financial services employees, in an attempt to continue to broaden the level of expertise and attention on security related problems. This talent is coming out of New York, Boston, Washington DC Metro Area, Texas, and California and heading to new security hubs forming in the Atlanta, South Carolina, Minneapolis and Colorado.Additionally, we have seen a large interest on the Financial Services side to hire talent from the Tech Giants given their background and exposure to massive amounts of data, enterprise level architecture, and forwards thinking technical skillsets.​Given the sheer magnitude of talent required, in the last 5 months, we have placed over 15 individuals for one Cybersecurity start-up that is still in stealth-mode on a retained basis! This project is ongoing and we expect to fill nearly 40+ roles this year with this one client given how perfectly our business models align, we have been able to deliver​Thus far in 2018 we have worked closely with a number of small to mid sized organizations (20-200 employees) on both Coasts undergoing large growth initiatives. Rapid growth is not uncommon for start-ups in this industry; these companies are primarily seeking analytical/AI talent, software engineers who are building their propriety platform and security professionals to advance the offerings. One interesting thing to note has been that security software engineers are receiving larger portions of equity given the impact their development of the platform will have on the multiplier attributed to the growth potential and in turn, value of the business.​For this type of endeavor we recommend a Multi-Hire Campaign (MHC) as we are able to best align our services with a companies specific and often urgent needs directly impacting our clients’ growth through an all-encompassing recruitment solution.​Many of our institutional clients are entirely revamping their security business units given the ever-changing nature of the available technology within the industry. As a result, we have staffed multiple senior, CISO/Strategic Leaders for our end-user clients whom will drive the growth initiatives going forward in 2018 and years to come. ​Mergers & AcquisitionsOur final cybersecurity market trend we wanted to highlight in this report corroborates the above with respect to focus and attention on new, cutting-edge, AI-driven threat management platforms. Security Vendors are being acquired by the big Tech Giants and large cyber players. The options are narrowing and the solutions are becoming far more comprehensive and integrated. Recent examples of this include: SQRRL were acquired by Amazon for $40 million; Phantom Cyber is being acquired by Splunk for $350 million; and CloudLock is bought by Cisco for $293 million. This showcases that the big-players are aware of the trends outlined above and are looking to eat up the market share and gain control of the growth and opportunity that is ravishing the emerging technologies marketplace. ​Diversity & InclusionDiversity and Inclusion awareness is at an all time high in the technology industry, with female representation and wage parity dominating the headlines. At Glocomms we find that identifying good practice, policies and initiatives to improve workforce diversity and inclusion are paramount for our clients. Throughout 2018, alongside our parent company, Phaidon International, we will be running a number of positive, action-orientated client events with relevant guest speakers and industry experts. The common themes of these initiatives will be to share pragmatic and proven successful practices that can tangibly improve diversity and inclusion within the workplace. By doing so our valued clients can enhance their access to wider talent pools for their meritocratic workplaces.​In relation to Cybersecurity – this is one of the most homogenized verticals within the technology arena and female-talent is highly scrutinized for being absent. Males hold 3 out of 4 jobs in tech, but specifically within cybersecurity, the numbers reflect that only 14% of the U.S. workforce in cybersecurity is female. [1] However, out of all of the areas within technology, we believe that Cybersecurity is the field that truly needs a diverse talent pool.​Working in Cybersecurity involves dealing with hugely complex issues and problems – teams need diversity so that problems are attacked with different viewpoints. At Glocomms we focus heavily on sourcing diverse talent within this field and working closely with our clients in creating a work environment to allow such talent to excel in their careers. In the past six months, 24% of the placements we have made in the Cybersecurity field are female. Whilst we still have a long way to go we are dedicated to doing our part to empower females to succeed in the industry.​In addition to females, Glocomms is committed to contributing to and being the driving force of change across all marginalized groups with respect to Diversity and Inclusion. Most recently, on March 24th, Glocomms was a sponsor for the second annual Out in Tech Talks[2], an event that united 400+ leading and aspiring LGBTQ+ and allied voices to advance the dialogue around diversity in tech and address the power of tech to create social change. It was an incredible event, showcasing the progress achieved while illuminating the massive amount of work left to do in reshaping the industry. Impressive panels included the leaders in Diversity and Inclusion at Amazon, Linked in and Youtube, an MD/Business Leader for the Cybersecurity business at a Leading Global Investment Bank and our own Executive Director at Glocomms.​Closing ThoughtsThis report was written and prepared by Giancarlo Hirsch, Vice President at Glocomms and accurate as of March 2018.​Glocomms has offices in NY and SF and is looking to launch offices in Boston, Chicago, Dallas and Charlotte in the coming 18 months. For more information or to get in touch with the team at Glocomms, please do reach out to usa@glocomms.com!​-------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Find out how Glocomms can help you.

Read More
Cyber Security Talent Needed Amid Rising Cyber Threats Image
cyber-security

Cyber Security Talent Needed Amid Rising Cyber Threats

​​The cyber security industry is under mounting pressure. As cyber-attacks become more common and the amount of data stored online increases (not only in volume but also in sensitivity) most industries are naturally growing concerned at the exponential growth of cybercrime. A report from Ponemon Institute found that 47% of the 662 IT professionals questioned have experienced a cyber security breach within the last two years. These breaches took place in both the public and private sector across the globe.Cyber threats are occurring across the globe. One of the largest cyber security breaches of history occurred last year in theUS,when JPMorgan Chase fell victim tocybercrime. During this breach personal information such as the names, phone numbers and email addresses of 76 million households were acquired. In UK telecoms provider TalkTalk was hacked earlier this year, with bank details from thousands of customers being stolen. OKCoin, the world’s largest bitcoin exchange server, was also recently forced to suspend some of its services after experiencing a cyber attack from hackers.Such examples only further highlight the need for all businesses to strengthen their approach to cyber security, especially firms holding personal customer details. This has led to an increase in demand for cyber security professionals and a dramatic increase in opportunities available across several industries.A report recently released by the Identity Theft Resource Center (ITRC) revealed that the business sector has accounted for 16 million exposed records so far in 2015; the medical and healthcare sector is responsible for 120 million exposed records, and the government and military sectors are accountable for the loss of nearly 34 million records.As a result of these high-profile cases and alarming statistics, the same Ponemon report found that intelligence sharing is swiftly becoming a popular method to help fight off such malicious attacks. This practice involves vendors, industry groups and peer-to-peer exchange programs sharing the information they have available with one another in an open and collaborative environment.The majority of respondents said vendors were their main source of information on cyber security threats (61%), followed by peers from other companies (56%). Both platforms act as a key source of information on malicious IP addresses and URLs.However, the ever-evolving nature of IT and cyber security means information often comes with a very short shelf-life; threats are often replaced with new threats almost immediately – 60% of respondents said some information loses its usefulness within minutes. Yet, very few IT professionals receive security threat information in real-time.This is where the cloud could benefitITprofessionals. Just as employees are utilising mobile devices and the cloud to access business information and systems, IT security professionals could also be looking to this platform to access threat details. Wolfgang Kandek, the Chief Technology Officer for Qualys, has noted that moving away from traditional enterprise systems and into the cloud will allow security professionals to respond quickly and in the most effective and appropriate manner possible.The 2015 Global Cyber security Status report from the ISACA states that, come 2020 there will be 1.5 million unfilled cyber security roles across the globe. In order to meet these changing demands, the Asian market is investing heavily in cyber security practices and education. The US, on the other hand, is suffering from a severe lack of cyber security talent, particularly at the mid-senior level.This is driving up salaries for CISOs (Chief Information Security Officers) who have a successful track record of implementing proven policies and procedures and building successful teams. It’s also driving demand for the security consulting market, which is now worth over $15 billion dollars and saw year-on-year growth of almost 10% in 2015. This market is dominated by Deloitte, IBM and EY.The cyber security market is estimated to grow to $170 billion (USD) by 2020, at a Compound Annual Growth Rate (CAGR) of 9.8% from 2015 to 2020, according to a report from Markets and Markets. So how can businesses address the cyber security skills gap? Should talent be sourced from outside the industry and transferable skills given prominence, or should appropriate training, coaching and education be put in place within anorganizationfor talent to be trained internally from junior level? Even with a combination of these two approaches, is it a case that no matter how well prepared anorganizationis, the hackers and criminals will always be one step ahead?If you’re struggling to find the talent needed to meet cyber security needs, or are seeking new opportunities in the sector,contact the Glocomms team today.--------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that therecruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Find out how Glocomms can help you.

Read More
Cyber threats in the aviation, aerospace and defense sectors Image
cyber-security

Cyber threats in the aviation, aerospace and defense sectors

​Cyber security is a rising concern across a number of industries but, for some sectors, such as aviation, aerospace and defence, cyber attacks pose potentially disastrous ramifications. As a result, groups such as airlines and aircraft manufacturers are collaborating to tackle this emerging threat, head on.Cyber attacks on the riseThe Director of Strategy & Safety Management at the European Aviation Safety Agency (EASA) has revealed that aviation systems are on the receiving end of thousands of attacks each month.The areas most vulnerable to attack are the connective communication systems between the plane and the ground, which transmit flight information, and on-the-ground networks.In June 2015 a cyber security breach took down the flight plan system of 10 planes for around five hours. This DDoS attack grounded nearly 1,500 passengers.Growth in areas such as the Internet of Things has increased awareness of risk in the sector as a new breed of threat is beginning to emerge. Director of Cyber Security at Israel’s Institute for National Security Studies,Dr.Gabi Siboni, commented: “The next 9/11 will be caused by computer hackers infiltrating aircraft controls”.An industry on the defenceSITA’s 2016 Airline IT Trends Survey revealed that 9% of airlines plan to invest in cyber security in the next three years, with 72% of the 200 airlines surveyed already investing in cyber security projects.The US launched the Aviation Information Sharing and Analysis Center (A-ISAC) in 2014. The A-ISAC includes input from airlines and security agencies, including Boeing, the NSA, the FBI, and the CIA. As of yet, Europe does not have a major presence in this collaborative project – the only European members are Airbus and Lufthansa.Europe’s cyber security defendersThe European Centre for Cyber Security in Aviation (ECCSA) has been set up by the European Aviation Safety Agency (EASA). The ECCSA boasts an Aviation Computer Emergency Response Team (AV-CERT) that helps analyse cyber threats to better understand their origins and identify security flaws, and which could help work towards technical solutions and create best practice guidelines to tackle the issue.The job marketDue to the rising threat and awareness in the industry, there is a clear shortage of experienced cyber security professionals. According to recent figures, there are only enough active candidates in this sector to fill 31.6% of opportunities. This is not endemic to the UK; Israel has 28.4%, Germany 35%, France 38.6%, the US 66.7%, and Canada 68.1%.Globally, we now need more cyber security professionals in order to protect ourselves from cyber threats.Economist MarianoMamertinocommented: “The problem is fast approaching crisis point and British businesses will inevitably be put at risk if they can’t find the expertise they need to mitigate the threat. “This should serve as a wake-up call to Britain’s tech sector – it must pull together to [...] attract more people into cyber security roles.”Cyber security candidates from outside the aviation industry will find it relatively easy to transfer across to aviation. Here at Glocomms, we specialise in recruiting across Connective Technology roles, over the last 6 months we have noticed the increasing demand for network security engineers, security architects and security analysts in the sector.We work closely with clients with in the sector to monitor and track the best talent in the market. If you are a cyber security expert searching for your next step, or you’re looking to bolster your cyber security team over the next few months, get in touch today.  ​-------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Find out how Glocomms can help you.

Read More
Cybersecurity Salaries are on the Rise - Are you Ready? Image
cyber-security

Cybersecurity Salaries are on the Rise - Are you Ready?

​Do you have a strategy for attracting IT security talent in the next few years? This is a field in which demand is far outstripping supply and leaving positions vacant can have serious consequences. How will you attract and retain experienced professionals?According to a recent survey by Intel Security and Vanson Bourne, there are 209,000 unfilled security jobs in the US. Globally, there will be a 1-2 million shortfall in skilled workers in the field by 2019. Almost three quarters (71%) of large organizations questioned in the survey said this skills shortage left them vulnerable to cyberattacks.The rising threat: cyberattacksEvery organization is a potential cyber victim. A study by Forrester Research in 2015 found that 60% of brands experienced a breach of sensitive data that year. High-profile targets such as UPS, JP Morgan Chase, Sony, Experian and even the FBI have suffered considerable financial and reputational damage as a result of a successful attack.A recent Ponemon investigation found that the average cost of a breach is $3.8 million; a rise of 23% since 2013. For criminals, the possible rewards are huge. According to the 2016 Trustwave Global Security Report, a hacker investing $5,900 in a malware infection campaign could realise a 1,425% return on investment within 30 days, earning $84,100 as a result of the scam.With claims that nation states such as China and Russia are sponsoring security breaches, cybercrime is a threat that is not going to abate any time soon.Why cybersecurity should be on your C-suite agendaCybersecurity is becoming a more pressing topic for the C-suite. Installing a high quality firewall and antivirus software package is no longer enough; executives should be actively involved in developing cybersecurity strategies that focus on long-term proactivity, not short-term defensiveness.  A government committee in the UK has even gone so far as to propose that CEOs and senior executives should be subject to fines and custodial sentences if found negligent on cybersecurity.Worryingly, many senior teams still fail to grasp the importance of cybersecurity to business success. A 2014 survey found that around 33% of management boards received no regular reports about cybersecurity at all.[vi]Frequently, where security is found to be lacking an organization provides funding for short-term fixes rather than committing resource to a holistic, long-term strategy.The shortage of cybersecurity professionalsThe availability of experienced specialists is reaching crisis levels. Among security professionals, 23% said the lack of talent in this area is the biggest challenge facing the IT industry; 12% of all IT professionals agree.A recent Intel report found that 82% of organizations in the US, UK, Japan, Israel, Germany, France and Australia are experiencing a shortage of skilled workers in cybersecurity; 53% of organizations said recruitment difficulties were worse in this field than for other IT roles. Intrusion detection, attack mitigation and software development were the areas with the most severe shortage of eligible candidates.According to data from the Bureau of Labor Statistics, the challenge is set to increase: demand for cybersecurity professionals is predicted to grow 53% over the next two years.New graduates cannot simply fill these roles because only 23% of organizations see educational programs as giving candidates the skills they need to enter the industry.Hands-on experience and professional certification are valued much more, but these take time to acquire.How can you attract good recruits?In this competitive recruitment environment, what can you do to secure top talent? Unsurprisingly, pay is a major draw for promising professionals; the average compensation for an information security manager grew by around 6.4% in 2015-16.The US national average salary of a cybersecurity specialist with three or more years’ experience is $99,000. With five years’ experience, the average salary rises to $118,000.A substantial 80% of security professionals said a salary increase could persuade them to move to a new employer. This reflects a widely-held belief that despite mounting workloads, pay is not keeping up with the value they contribute to an organization; 61% of security professionals believe their salary is falling behind business growth and demands, compared to 55% among other IT professionals.How can you retain top talent?With unemployment rates among this group approaching zero, there are plenty of businesses out there looking to poach dissatisfied employees from their competitors; 74% of cybersecurity professionals have been targeted by head hunters in the last year.In terms of retention, focusing on job satisfaction and workload might help to keep good employees. The shortage of skilled professionals means there is more pressure on existing workers; 60% of cybersecurity professionals say they expect their workloads to increase in the next 12 months.If you pile the work up too high, your valued employee could simply move elsewhere.Contact Us to find out how Glocomms can help you.------About UsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Get in touch today to see how Glocomms can help you.

Read More
The Cyber Security Challenge Image
cyber-security

The Cyber Security Challenge

​Reports indicate that the cyber security market is due to dramatically expand in the following few years, with new technologies emerging and the need for such technologies increasing.The proliferation of connected devices, services like the Cloud and bring-your-own-device (BYOD) practices means that the threat of cyber-attack is now growing faster than ever and, as a result, there is expected to be a boom in the cyber security industry.According to a MarketsandMarkets industry report, the cyber security market will increase from the $106.32 billion it is worth today, to $170.21 billion by 2020, at a compound annual growth rate (CAGR) of 9.8%.Worldwide governments are makingcyber securitya key political focus. The US is currently leading the way, according toLarnoLimnell writing for the International Business Times. “Most countries have cyber strategies on paper, but public discussion of policy and doctrinal levels and practical measures are not as mature as they are in the US,” he suggests.Europe has recognised this discrepancy, however; the European Commission, the European Council and the European Parliament have been working together to update and supersede the existing EU Directive in order to bring it in line with the recent advances in technology. “The objective is to issue a final proposed comprehensive regulation for the EU by the end of 2015, with final approval and adoption thereof to occur by the Spring of 2016,” said Stephen Jett from Taft Stettinius & Hollister LLP writing for Lexology.com.Indeed, the government’s role in combattingcyber attacksis a critical one, according to new research by Intel Security. The study of 625 IT decision makers from the finance, energy, transport and government sectors in Germany, France, the UK and the US found that 86% felt cooperation between the public and private sectors was vital for protecting cyber infrastructure.However, while the growth of this market is inevitable, more discussions need to take place regarding exactly what cyber security is and what it entails.Experts have spoken out about the emergence of the market and claim that professionals within the industry, and those looking to enter it, need to begin training in all areas of cyber security as early as possible.Discussing the sector, Gary Hayslip, the CIO for the City of San Diego, commented: “You talk to people, they think cyber is one thing, and it’s not.” It is this misunderstanding of the concept and market that requires more clarity. Linda Brent, the CEO for ASTA Group, expanded on this, stating that Cyber security can be considered to be “everything from artificial limbs to unmanned systems that are small enough to hold in your hand to the training and education of the workforce.”This training and education should start at the most basic level – in schools. Many professionals are encouraging the integration of Science and Technology programmes, so future generations will already have a sound grasp of cyber security and what it entails by the time they enter the workforce.This needs coordination between institutions - unless there is a unified understanding of the risks, challenges and learning opportunities then, any training provided is likely to be ineffective.Since higher education institutions are notoriously slow at updating their curriculum, this is presenting a significant challenge. Headway is being made in some regards, for example, women are being encouraged to enter into the cyber security industry thanks to a new training initiative from Cybrary and the Women in Technology (WIT) Association. However, it is vital that consolidated training opportunities be made far more widely available, as soon as possible.The Wall Street Journal has also recently reported that it’s not just schools and education institutions looking to improve awareness of cyber security; executive boards for high-profile businesses are also looking to improve their knowledge of the sector, so they are better informed should a cyber-attack occur. High-profile professionals are beginning to understand the significance of knowing where cyber security threats are coming from, how they are rectified and if enough is being done to challenge these attacks.As awareness of the cyber security space increases, so too are jobs in the sector. For information on opportunities in the industry – whether you are a potential candidate or looking to hire – contact us here.-----------------About GlocommsGlocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in SanFrancisco, New York, London and Berlin.

Read More

Looking for something specific?

View more blogs