Cyber Security Intelligence Incident Management Analyst

Hainaut  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

Cyber Security Intelligence Analyst - Mons, Région wallonne, Belgium - Contract - Long Term €NEG


Skills, knowledge, experience required:

Significant experience in Cyber Security with emphasis on post-Incident Management and Analysis.

Experience in liaising at both technical and managerial levels in the successful resolution of Cyber Security Incidents; you must have excellent written and spoken communication skills.

Experience in producing accurate and meaningful reports, both technical and managerial, on activities related to Cyber Security Incidents.

Ideally a degree in Computer Security or similar, but hands-on experience within an equivalent role is required.

Personal Attributes

Ability to effectively manage own workload in a high-tempo environment to Time, Quality and Standards.

Ability to effectively communicate technical solutions to various audiences, both technical/non-technical.

Be self-motivated and driven to follow-up Cyber Security Incidents to their logical conclusion.

Current security clearance to NATO SECRET

Ability to work in an international environment, embedded in the Customer's location in mainland Europe

Duties/role:

As Incident Handling Officer dedicated to interaction with NATO Partners (Industry, non-NATO Nations, NGOs, etc.), embedded within the NCIRC working environment, you will be required to use your knowledge and experience to work on Cyber Security Incident Handling and Reporting, with emphasis on post-Incident Analysis. Your role will involve fusing Cyber Threat Intelligence & Analysis from all relevant sources currently available to NCIRC for re-distribution based on existing MoUs, Technical Agreements and Industry Partnership Agreements. You will also be in charge of engaging with NATO Cyber Threat Intelligence Stakeholders to improve the quantity and quality of information exchanged. You will maintain the content of existing information sharing platforms (i.e. MISP) as well as propose improvements. You will foster and maintain an active information sharing relationship with CSSL partners and contribute to CSSL products.

Key Responsibilities

Collation/Analysis of Cyber Threat Intelligence

Dissemination of Cyber Threat Analysis to the appropriate audiences.

Pro-active engagement with the Cyber Threat Intelligence Community both internal/external to NATO.

Monthly reporting on approved KPIs for Cyber Threat Intelligence sources.

Creation/maintenance of Standard Operating Procedures (SOPs) to support all aspects of their role.

Monthly reporting to both the Customer and Business Stakeholders.

Ad-hoc taskings from the Incident Management Section (IMS) in support of investigations.

Improvement of NCIRC TC processes for receiving, searching, analysing, and storing cyber threat data.

Design/maintain/improve an automatic Cyber Threat sharing capability.

Regular, at least monthly, Knowledge Transfer meetings with appropriate Stakeholders, focusing on:

o Key Cyber Security Threats, particularly those that may have an impact on NATO.

o Significant Cyber Security Incidents, including relevant post-Incident Analysis.

o Improvements to the Cyber Security processes currently in use within NCIRC TC IMS

o Cyber Security Incident Trends.

Requirements

Required level of Security Clearance: NATO Secret

Essential to have one or more professional SANS (eg, GSEC, GCIA) and/or CISSP and/or CISM Certifications

Senior-level experience in the management and analysis of Cyber Security Incidents (i.e. Security Event Analyst experience), and/or in configuration, operation, troubleshooting and management (i.e. Tools Specialist), in at least one of the following areas, and a high level of experience in several of the other areas:

a. ArcSight products,

b. Network Based Intrusion Detection Systems (NIDS)

c. Host Based Intrusion Detection Systems (HIDS)

d. Network security appliances and networking devices and associated management software

e. Variety of Security Event generating sources (eg Firewalls, IDS, Routers, Security Appliances)

f. Computer Incident Response Centre (CIRC), Computer Emergency Response Team (CERT)

g. Computer Forensics Tools (stand alone, online and network)

h. Computer Security Tools (Vulnerability Assessment, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.)

i. Secure web design and development

j. Military communication systems and networks

k. Network, system and application level troubleshooting techniques

Provide evidence of NATO SECRET clearance

Start date: ASAP
Duration: 3-12 months
From: Proactive IT Recruitment Limited
Published at: 03.08.2016
Project ID: 1178988
Contract type: Freelance