Description
Cyber Security Engineer - Mons, Belgium - Contract (1 year + Extension) - €500 Euro/Day
Security Clearance: NATO SECRET
A cyber security engineer is required with specialist skills in Network Intrusion Detection systems and/or Full Packet Capture systems. The preferred candidate will ideally have strong experience working in a secure environment such as MOD/NATO/GOV.
REQUIREMENTS
A motivated, self-managed individual who is willing to help design and adapt a constantly evolving service. Someone who can demonstrate above-average analytical skills and liaise professionally with peers and client stakeholders, even under pressure.
- Cisco FireSIGHT - experience with:
  - Cisco FMS in large environments utilising Cisco 8000 series hardware Sensors including virtual appliances
  - Snort rule writing, rule & pre-processor tuning, rule & pre-processor performance testing and verification
  - Cisco FMS report generation, log and rule correlation
  - Cisco FMS and series 8000 Sensor troubleshooting including performance enhancements
  - System upgrades and security updates on live systems
  - 8000 Series Stacked/Clustered Sensors
- RSA Security Analytics - experience with:
  - Security Analytics Packet Capture in version 10.x
  - Packet Decoders, Concentrators, Hybrids, Brokers and SA Servers
  - Updating/creating metakeys/metatags, configuring live feeds and configuring and updating Lua Parsers
- Application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, IP, ARP, etc.) IPv4/IPv6
- Network Packet Analysis and tools used, such as protocol analysers
- Software engineering, including programming and/or scripting knowledge: Python, Perl, Linux shell scripting
- Sound knowledge of IT security best practice, common attack types and detection/prevention methods
- Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
- Experience of maintaining a secure enterprise network through configuring and managing typical Security Enforcing Devices, such as Firewalls, Proxies, IDS/IPS devices, HIDS/EPO. Knowledge of Sourcefire/Snort
- In-depth experience of other common devices, such as Routers, Switches, Hubs
- Capable of communicating clearly with team members and other analysts. Able to demonstrate reading, writing and spoken English to IS level III at least (B1 of the Council of Europe/Association of Language Testers)
- Experienced with integrating existing IT infrastructures into a SIEM/SOC solution from inception through to support
- Understanding of various SOC standards and reporting requirements, i.e. GPG13
- Experience implementing SOC reporting and governance
- Experience with SOC automation and workflow products such as Archer GRC
To Apply
To be considered for this opportunity, please apply with an up-to-date copy of your CV or call Nick Burd or (see below) for more details