Description
Company DescriptionOur client is a major player in the financial sector
Job Description- You will be responsible for conducting incident response operations according to documented procedures and
industry best practices. - You must have excellent communication skills. Must have extensive experience in multiple security
areas such as SIEM, IDS, APT and WAF. - Youwill be required to participate in multiple intelligence communities and be able to
disseminate pertinent information throughout the SED. - You should have extensive experience in Linux and/or Windows
operating systems as well as having a deep knowledge of networking and attack methods such as SQLi and pivoting. - Must display enthusiasm and interest in information Security
Standard Job Requirements:
- Language: English
- Part of the SOC team that runs 24x7 with Level 1 analysts. This role (Level 2) has regular office hours from Monday to Friday (no shift work)
- First point of escalation for the Level 1
- Hunting for suspicious anomalous activity based on data alerts or data outputs from various toolsets
- Review and build new operational processes and procedures
- Provide first responder forensics analysis and investigation
- Drives containment strategy during data loss or breach events
- Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs)
- Works directly with data asset owners and business response plan owners during low and medium severity incidents
- Advice on the tuning of IDS, proxy policy, in-line malware tools based on threat feeds, trust and rotation data, incidents or
- vulnerabilities and exploits of downstream systems.
- Provide use case creation/tuning recommendations to administrators based on findings during investigations or threat information
interviews - Lead response actions for incidents where CIRT is not required to intervene (low/medium priority)
- Performing administrative tasks per management request (ad-hoc reports / training)
Functional and Technical competencies
- 2+ year prior experience in a similar position
- Passion and drive to work in start-up division with potential of significant growth in scope and services
- Possess good logical and analytical skills to help in analysis of security events/incidents
- Experience of network security zones, firewall configurations, IDS policies In depth knowledge TCP/IP
- Knowledge of systems communications from OSI Layer 1 to 7
- Experience with Systems Administration, Middleware and Application Administration
- Experience with Network and Network Security tools administration
- Knowledge of log formats and ability to aggregate and parse log data for syslog, http logs, DB logs for investigation purposes
- Ability to make create a containment strategy and execute
- Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat)
- Good knowledge of threat areas and common attack vectors (malware, phishing, APT, technology attack etc)
We are talking about a long-term comitment with possible duration between 1 year to several years.
Location: Brussels
Sector: Financial
We are offering a framework agreement freelance based on a full time mission
Interested?
Send your CV to Filipe de Sousa by email or call for more information.