Call us now Email a specialist
+353 1 6420100 | info@ward.ie
  • Resources
  • Blogs
    • Careers

    Women @ Ward

    At Ward Solutions, women have made significant contributions to our organisation since our foundation. We recognise the benefits of having high levels of female participation at all levels in our organisation.
    Traditionally there is an underrepresentation of women in STEM careers. Of the 118,000 people working in Stem in Ireland, just 25% are women. This is not just an Irish problem. Less than 7% of tech positions in Europe are filled by women. In the US, for example, only 18% of undergraduate computer science degrees and 26% of computing jobs are held by women, according to Girls Who Code. This is worse at the top of the corporate world where just 5% of leadership positions in the technology industry are held by women.

    Ward Solutions is very pleased to buck this trend, as we’re ahead of these figures for female participation in our organisation. Currently, there is a 25% to 27% female participation overall in the company. This breaks down as:

    • 25% participation at leadership level
    • 50% participation at management level
    • 50% participation at sales and marketing function
    • 100% participation at admin/finance level
    • 10% participation at technology consultant/engineering level

    Looking at our own levels of female participation we need to address the underrepresentation at the technology level, while continuing to add and improve at all other levels in the company.
    Creating an environment and culture based on merit and equality without stereotyping or discrimination enables Ward Solutions to achieve and maintain high level of female participation. This is not something that happens by accident but is something that is carefully fostered and developed in Ward. It is done by equally recognising success, ambition, contribution, and alternative perspectives and ideas and by being flexible. Having a gender balance is essential in creating a diverse, happy and successful workplace.
    We are proud of the level of female participation in Ward and are working to forge a better and a more inclusive, gender equal world.

    Careers

    Linux Support Engineer

    A Position exists for a Linux Support Engineer within Ward Solutions.
    Ward Solutions Security Operations & Response Practise has a reputation in the Irish market for providing technical expertise, security integration implementations, Secure managed services, consultancy, and superior quality in all customer engagements designed to bring tangible benefits and results for our customers.
    We recognize the knowledge of our security engineers is the key to our success, and they are certified leaders in secure network design and implementation allowing them to expertly implement and support solutions for our customers
    An attractive benefits package is available to right candidate with the desired skills, qualifications and experience.
    Desired Skills and Experience
    Required Skillsets:

    • Install and configure linux (Debian and/or RedHat preferred)
    • Manage users, permissions, remote access (ssh)
    • Usage of SSL certificates
    • Shell scripting plus one other scripting language (Perl / Python / etc.)
    • Apache and Tomcat or JBoss configuration and management.
    • Linux networking (bonding/aliasing/routing)
    • Network service configuration and management (DNS/NTP/SMTP/HTTPD)
    • Securing of Linux servers
    • Network security (IPTables, TCPWrappers, secure SSHD configuration, minimizing network service footprint)
    • Server hardening (Kernel tuning, file and binary permission reviewing, user management)
    • Supporting DBAs in performing their duties (Oracle / MySQL)
    • An understanding of the Linux Kernel, runlevels, processes and filesystems
    • An understanding of how to compile software (i.e. Apache), and when to do so
    • Linux backup software / utilities (Bacula / RSync)
    • Experience debugging obscure issues using tools such as strace and tcpdump

     
    Additional Advantageous Skillsets:

    • San installation and management (multipathd etc)
    • Experience with highly available Linux solutions
      • Linux HA (for use with Apache and other services)
      • Application and filesystem clustering
    • Installation and configuration of intrusion detection systems (Tripwire etc)
    • Securing Apache, Tomcat and JBoss
    • Application security gateways (Modsecurity, F5)
    • Administering and configuring virtual machines (VMware, KVM)
    • Cloud services (Azure, AWS)

     
     
    It is expected that this Engineer would provide support to managed ICT environments as part of Ward Solutions Secure Managed Services team. Troubleshooting skills are essential. It will also involve working directly with clients as required.

    • The individual selected must be willing to broaden their skillsets through training both formal and self-driven as required.
    • The individual must display good interpersonal skills, this position will involve working as part of a service delivery team and project team as required.
    • This Engineering position will involve both project (new builds) and also support of existing client builds.
    • Any additional knowledge / expertise in networking (firewalls, switches routers etc.) and Windows environments including Server and storage support is also welcomed and should be highlighted.

     
     
     

    Insights

    Shadow IT – the hidden threat at the heart…


    Shadow IT, a term that refers to the implementation and utilisation of IT solutions and platforms without explicit organisational authorisation, is the hidden threat at the heart of many Irish organisations. While the impact of shadow IT was initially limited, the growth of cloud services and mobile working has prompted many employees to adopt services that enhance their ability to work on-the-go without first seeking approval from the IT department. As a result, IT departments don’t have the oversight that they once did. Over the course of our next two blogs we’ll take a look at the concept of shadow IT, how and why it comes about and what you can do to prevent it.

    By 2020, a third of attacks on enterprises will be directed at their shadow IT resources

    Once a relatively obscure concept, shadow IT is a term that has gained widespread prominence due to the potential financial and reputational damage posed to organisations by increasingly sophisticated cyber security threats.
    The term refers to software that is rolled out without the authorisation of the IT department and therefore exists on an organisation’s network without the knowledge of the teams responsible for maintaining the security and integrity of the network. For this reason, shadow IT can leave sizeable vulnerabilities in a company’s information security strategy, leaving them open to attack. A recent report from Gartner found that by 2020, a third of successful attacks experienced by enterprises will be on their shadow IT resources.
    Shadow IT traditionally stemmed from workers rolling out new programs within the network to fill perceived gaps in their existing software suite. This highlights that shadow IT rarely arises through malicious intent, but through employees trying to be proactive. Many organisations have now put better controls in place, restricting the ability to install new programs on the network to system administrators.

    Whether or not your business is in the cloud, chances are your employees are
    However, with the proliferation of cloud services, the challenge of combatting shadow IT has expanded outside the network. Users can access cloud apps without installing any programs on the network and as a result, the utilisation of these services will often go undetected. The only sign that anything unusual is going on is a higher rate of traffic coming through the company firewall.
    The key thing to bear in mind is that the majority of employees using unauthorised applications and services are not doing so with the intent of hurting your organisation, but rather to be able to do their jobs as effectively and efficiently as possible.
    For example, a user that finds themselves unable to send a particular file type via email might try to be proactive and utilise file sharing application which can be used through the browser and without downloading any files that might cause the IT department to become suspicious. The danger of such an action is that the IT department has no oversight of what information is leaving (or entering) the organisation. As the majority of these services are browser-based, the firewall will not be able to automatically restrict the access to specific cloud services, or prevent data being transferred to/from those services, unless your IT team has specifically added rules to block those cloud applications. The challenge to IT is that new cloud services are becoming available at such a rate that it’s impossible for them to always know which traffic to block, and to which IPs. As a result, malicious code could quite easily penetrate your network, or sensitive information could be leaving your network to be stored in services unknown and unmanaged by your organisation.
    Another consequence of shadow IT is that it can render your compliance work void. If, for example, you carry out a programme of work to achieve ISO 27001 compliance and then employees utilise cloud services without explicit approval, your organisation will no longer be complaint to the standard.
    The examples above highlight the importance of educating your employees about the risks of shadow IT. The crucial point to remember is that shadow IT frequently stems from a genuine need for services or applications that your employees don’t currently have access to.

    If you would like to speak to our subject matter experts for further advice, call us: 1800 718 850 or e-mail: info@ward.ie.

    Insights

    Ward Solutions and IBM outline the need for GDPR…

    Ward Solutions and IBM's GDPR event - image
    Ward Solutions and IBM outlined the need for companies to place increased focus on their preparations for GDPR at a recent event held in the Royal College of Physicians of Ireland in Dublin.

    On Friday 10th February in the Royal College of Physicians, Dublin, Ward Solutions and IBM presented the second ‘Will GDPR drive your security strategy in 2016?’ seminar. The event proved to be extremely popular, with over 90 attendees joining from the business, insurance, telecom, legal, education, medical and IT sectors. Attendees were interested in learning how GDPR was going to affect their particular industry and what steps they could take to become compliant with the legislation.
    James Cant-Parton, IBM’s software account manager for Ireland, welcomed delegates gave an outline of what the seminar would cover and introduced the speakers.
    Implications of the new GDPR legislation
    The first section of the seminar was given by Ward Solutions Chief Technology Officer and Co-Founder, Paul Hogan and group solicitor, Aisling Hennessy who spoke about GDPR and its implications. GDPR introduces severe ramifications for businesses that fail to achieve compliance. Organisations that suffer a data breach and who are found to be non-compliant will be liable to fines of 4% of worldwide turnover or €20m, depending on which is greater. In addition there is increased scope for individuals who have suffered material or non-material damage to bring actions against companies for an infringement of their rights under GDPR.
    In this section Aisling went through the key elements of the GDPR legislation and Paul spoke about the practical implications of this in terms of how it would affect businesses. Aisling highlighted how readable the legislation is, and urged those responsible for IT security to familiarise themselves with it. As well as providing an overview of the tougher sanctions that will result from GDPR, Paul and Aisling outlined areas affected by the new legislation, including: increased territorial scope, ramifications for international data transfers, new responsibilities for data processors, the need to recruit a Data Protection Officer, and much more besides.
    Data flows were highlighted as a key element for companies to be vigilant about to become GDPR compliant. Related to this, Paul mentioned that international data transfers could prove to be a potential minefield for companies as third parties could hold data outside the EU. Aisling noted that, as it stands, the US Privacy Shield does not provide adequate protection for European citizens.
    Paul talked about how companies must now demonstrate compliance with the new legislation and Aisling noted that GDPR is about embedding a privacy culture into an organisation.
    GDPR also establishes new rights for the individual. One of these rights is the right to be forgotten, which gives individuals the right for data that pertains to them and is “inadequate, irrelevant, or no longer relevant” to be removed online.
    Under the new legislation it will be mandatory for companies to report a breach of data within 72 hours of discovering the breach. Aisling and Paul discussed the role of the Data Protection Officer under GDPR and how some companies may outsource this role.
    GDPR sanctions - image
    Organisations that suffer a data breach and who are found to be non-compliant to the new regulation will be liable to fines of 4% of worldwide turnover or €20m, depending on which is greater.

    First steps towards GDPR compliance
    The second section of the seminar was presented by Brendan Fay, Ward Solutions’ Principal Information Security Consultant, who talked about the steps that organisations need to take to become GDPR compliant. The final speaker to take to the podium was Allan Cahill, Ward Solutions’ Principal Secure Application Development Consultant. Following on from Brendan’s presentation, Allan discussed the range of solutions that companies can utilise to achieve GDPR compliance.
    Comprehensive understanding of GDPR requirements
    Following the event, members of Ward Solutions’ team were on hand to answer further information security and GDPR related questions from delegates.
    The event was followed by a light lunch, which provided delegates with an opportunity to network and discuss the range of topics that were presented. The event was a great success and all attendees left with a much more comprehensive understanding of GDPR, providing them with the basis to re-examine their organisations’ current data policies and procedures to ensure that they are on the right path when it comes to meeting the requirements of the new law.
    For more information on what your organisation can do to ensure GDPR compliance, call us at +353 1 642 0100 or e-mail us at sales@ward.ie