Cisco Cyber Security Engineer

Job type: on-site
Start: ASAP
Duration: 12 months +
From: Proactive IT Recruitment Limited
Place: Hainaut
Date: 05/27/2016
Country: Belgium
Project ID: 1137398

Warning
This project is archived and not active any more.

Cisco Cyber Security Engineer (NIPS/FPC) - Mons, Belgium - Contract - 12 months plus - Rate Excellent

My client is looking to recruit Cyber Security Engineers with specialist skills in Network Intrusion Detection systems and/or Full Packet Capture systems. The specialists will be working in Mons, Belgium. The position requires demonstrable experience in a similar role, preferably in a secure environment such as MOD/GOV/NATO environments.

Current Security clearance: NATO Secret/SC Cleared is essential

Requirements

A motivated, self-managed individual who is willing to help design and adapt a constantly evolving service. Someone who can demonstrate above average analytical skills and liaise professionally with peers and client stakeholders, even under pressure.

  • Cisco FireSight - experience with:
    • Cisco FMS in large environments utilising Cisco 8000 series hardware Sensors including virtual appliances
    • Snort rule writing, rule & pre-processor tuning, rule & pre-processor performance testing and verification
    • Cisco FMS report generation, log and rule correlation
    • Cisco FMS and series 8000 Sensor troubleshooting including performance enhancements
    • System upgrades and security updates on live systems
    • 8000 Series Stacked/Clustered Sensors
  • RSA Security Analytics - experience with:
    • Security Analytics Packet Capture in version 10.x
    • Packet Decoders, Concentrators, Hybrids, Brokers and SA Servers
    • Updating/creating metakeys/metatags, configuring live feeds, and configuring and updating Lua parsers
    • Application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, IP, ARP, etc.) IPv4/IPv6
    • Network Packet Analysis and tools used, such as protocol analysers
    • Software engineering, including programming and/or scripting knowledge: Python, Perl, Linux shell scripting
  • Sound knowledge of IT security best practice, common attack types and detection/prevention methods
  • Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
  • Experience of maintaining a secure enterprise network through configuring and managing typical Security Enforcing Devices, such as Firewalls, Proxies, IDS/IPS devices, HIDS/EPO. Knowledge of Sourcefire/Snort
  • In-depth experience of other common devices, such as routers, switches and hubs
  • Capable of communicating clearly with team members and other analysts. Able to demonstrate reading, writing and spoken English to IS level III at least (B1 of the Council of Europe/Association of Language Testers)
  • Experienced with integrating existing IT infrastructures into a SIEM/SOC solution from inception through to support
  • Understanding of various SOC standards and reporting requirements, e.g. GPG13
  • Experience implementing SOC reporting and governance
  • Experience with SOC automation and workflow products such as Archer GRC

Knowledge or experience of the following would be desirable:

  • Exposure to IT service management best practices such as ITIL
  • Experience of using and administering SIEM and Log Management tools such as ArcSight ESM and ArcSight Logger
  • Solid understanding of information security practices relating to the Confidentiality, Integrity and Availability of information (CIA triad)
