Senior SOC Analyst - 1/2 Year contract - Benelux - Arcsight - Senior r

Brussels - Onsite

Description

(SOC, Arcsight, Senior SOC, Security Operations, SIEM, Contract, Security Clearance)

Job Title: Senior SOC Consultant - ArcSight

Location: Benelux

Rate: Negotiable (Very good rate)

Duration: 12 month rolling contract - (2/3 years)

Requirements: Security Clearance

SOC Analyst regular duties

Take part in the monitoring policies management process

In close relationship with the customers or system owners, and according to established service level agreements, the job holder will make sure that the monitoring policy allows an efficient detection of potential incidents.

Therefore, he/she will take part in:

  • Analysing customer's risks and security policy requirements;
  • Translating them into technical events targeting the system components;
  • Identifying the required logs/files/artefacts to collect from the monitored system and if necessary, possible complementary devices to deploy;

Take part in the design of the monitoring architecture

The job holder will contribute to the design of the overall monitoring architecture, in close relationship with the customers/system owners on the one hand and the Back End team on the other.

This includes (but is not limited to) the following components:

  • Network based devices
    • Firewalls;
    • Network IDS and IPS;
    • APT detection solutions such as FireEye;
    • DNS, DHCP, VPN;
  • Host based components
    • HIPS;
    • Malware detection;
    • OS and application logs.

Take part in the development of the SOC service maturity

As a senior consultant, the job holder will take an active part in developing and improving the maturity framework, and have it understood and implemented by the team, by:

  • Designing and drafting the SOC processes and procedures framework;
  • Implementing SOC processes and procedures, and deploying collaborative tools and dashboards;
  • Coaching/training the team on the processes, procedures and tools;
  • Regularly auditing and reporting on maturity to the management;
  • Reviewing and improving the framework.

The job holder must possess the following technical skills:

  • Strong experience in SIEM solutions, namely ArcSight ESM and Logger design, implementation and engineering;
  • Minimum 5 years' experience as a SOC Analyst and/or first line incident responder;
  • At least 1 certification in the field of incident handling:
    • GCIH (GIAC Certified Incident Handler)
    • GCIA (GIAC Certified Intrusion Analyst)
    • GMON
    • ECIH (EC-Council Certified Incident Handler)
    • CSIH (SEI Certified Computer Security Incident Handler)
    • SCPO (SABSA Certified Security Operations & Service Management Practitioner)
    • or an equivalent certification recognized internationally (subject to acceptance as a valid credential)
  • 3 years of practice in network security solutions/technologies, including:
    • Firewalls;
    • Network IDS and IPS;
    • Switches and Routers;
    • APT detection solutions such as FireEye;
    • DNS, DHCP, VPN;
    • Network forensics (full packet capture);
    • Traffic baselining analysis.
  • 3 years of experience with the following security solutions/technologies, including:
    • SIEM (ArcSight ESM 6.x, QRadar, or equivalent)
    • Log management solution (ArcSight Loggers and/or QRadar and/or Splunk or equivalent)
    • SNORT or SourceFire NGIPS, FireSIGHT
    • Suricata/Stamus Networks
    • ELK (Elasticsearch, Logstash & Kibana)
    • FireEye EX, NX, AX, FX, HX, IX
    • Check Point and Juniper Firewalls
    • Blue Coat proxies

Please contact me for a full JD and further details

Start date
ASAP
Duration
12 Month rolling contract
From
Mark Loucas Payments
Published at
02.12.2016
Project ID:
1248805
Contract type
Freelance