Cyber Security Intelligence Incident Response Analyst

Hainaut  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

Mons, Belgium

Overview:

Cyber Security Intelligence Analysts use a variety of information sources to monitor emerging threat conditions and ensure that relevant communities are aware of these possible threats. The ability to collate information from across a variety of sources (e.g. social media, news media, feeds from the NATO and national intelligence communities, etc.) is required to identify possible threats to NATO and NATO nations.

Duties/role:

As the Incident Handling Officer dedicated to the interaction with NATO Partners, embedded within their working environment, the successful candidate will be required to use their knowledge and experience to work on Cyber Security Incident Handling and Reporting, with an emphasis on post-Incident Analysis. Their role will involve fusing Cyber Threat Intelligence & Analysis from all relevant sources currently available for re-distribution based on existing MoUs, Technical Agreements and Industry Partnership Agreements. The incumbent will also be in charge of engaging with NATO Cyber Threat Intelligence stakeholders to improve the quantity/quality of information exchanged. The incumbent will maintain the content of existing information sharing platforms (i.e. MISP) as well as propose improvements. They will foster and maintain an active information sharing relationship with CSSL partners and contribute to CSSL products.

  • Collation/analysis of Cyber Threat Intelligence.
  • Dissemination of Cyber Threat Analysis to the appropriate audiences.
  • Pro-active engagement with the Cyber Threat Intelligence Community, both internal and external to NATO.
  • Monthly reporting on approved KPIs for Cyber Threat Intelligence sources.
  • Monthly reporting to both the Customer and Business stakeholders.
  • Ad-hoc taskings from the Incident Management Section (IMS) in support of investigations.
  • Improvement of NCIRC TC processes for receiving, searching, analysing, and storing cyber threat data.
  • Regular, at least monthly, Knowledge Transfer meetings with appropriate stakeholders, focusing on:
    • Key Cyber Security Threats, particularly those that may have an impact on NATO.
    • Significant Cyber Security Incidents, including relevant post-Incident Analysis.

Requirements

  • Significant demonstrable experience in a Cyber Security related environment, with an emphasis on post-Incident Management and Analysis.
  • Experience in liaising at both the technical and managerial level in the successful resolution of Cyber Security Incidents; the incumbent must have excellent written and spoken communication skills.
  • Experience in producing accurate and meaningful reports, both technical and managerial, on activities related to Cyber Security Incidents.
  • Essential to have one or more professional SANS (e.g. GSEC, GCIA) and/or CISSP and/or CISM Certifications.
  • Senior-level experience in the management and analysis of Cyber Security Incidents (i.e. Security Event Analyst experience), and/or in configuration, operation, troubleshooting and management (i.e. Tools Specialist), in at least one of the following areas, and a high level of experience in several of the other areas:
    • ArcSight products,
    • Network Based Intrusion Detection Systems (NIDS),
    • Host Based Intrusion Detection Systems (HIDS),
    • Network security appliances and networking devices and associated management software,
    • A variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances),
    • Computer Incident Response Centre (CIRC), Computer Emergency Response Team (CERT),
    • Computer Forensics Tools (stand-alone, online and network),
    • Computer Security Tools (Vulnerability Assessment, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.),
    • Secure web design and development,
    • Military communication systems and networks,
    • Network, system and application level troubleshooting techniques.
  • Ability to effectively manage own workload in a high tempo environment to Time, Quality and Standards.
  • Ability to effectively communicate technical solutions to various audiences, both technical and non-technical.
  • Be self-motivated and driven to follow up Cyber Security Incidents to their logical conclusion.
  • Security clearance to NATO SECRET or at least UK SC Clearance is a mandatory requirement for this role.
  • Ability to work in an international environment, embedded in the Customer's location in mainland Europe.

Start date: ASAP
Duration: 6 months + (extension possible)
From: Fox IT SM ltd
Published at: 11.04.2016
Project ID: 1107941
Contract type: Freelance