Cyber Security Events Analyst

Hainaut  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

Cyber Security Events Analyst - Mons, Belgium - Contract - 100 days - € excellent market rate

Personal Attributes

Ability to manage their own workload in pressurised environments, meeting time, quality and standards requirements.

Ability to communicate technical solutions to both technical and non-technical audiences.

Security clearance NATO COSMIC TOP SECRET required

Ability to mentor staff.

Duties/role:

As a Senior Security Event Analyst embedded within the NATO Security Operations Centre (NCIRC TC), you will be required to use the in-depth knowledge you have gained from both experience and qualifications in the Cyber Defence arena to work on advanced cyber-attacks against one of the largest cyber implementations. This will include the use of log analysis, IDS/IPS, full packet capture and forensics tools across a distributed sensor network. You will focus on the protection of the NATO Missions network.

  • Analysis of security events, ticket creation and support to Level 1 Event Analysts;
  • Reviewing of tickets and support for analysis of events;
  • Retrieval and support in analysis of Full Packet Captures (FPC);
  • Provision of in-depth analysis after ticket escalation;
  • New threat analysis; online research, such as developing new methods of detecting and monitoring new threats, and keeping abreast of developments in the cyber arena;
  • Liaison with Tools Analysts; ensuring security infrastructure is configured, up to date and operational;
  • Signature and rule creation: NIPS (Snort), SIEM (ArcSight), Full Packet Capture (Niksun, RSA);
  • Test and evaluation of signatures and rules prior to deployment in operational environment;
  • Evaluation and implementation of sensor tuning requests;
  • Assistance in support of Legacy cyber sensor products (Juniper IDS, ScreenOS);
  • Provision of On-the-Job Training (OJT) for Level 1 event analysts, including tools familiarisation;
  • Creation and updating of Standard Operating Procedures (SOPs) and Security Policies;
  • Creation of security reports per request and analysis of Vulnerability Assessment results;
  • Periodic internal meetings and ad-hoc tasking from the Incident Management Section (IMS) in support of investigations.

Required level of Security Clearance: NATO Cosmic Top Secret

Requirements

Skills, knowledge, experience required:

  • Significant demonstrable experience (5+ years) in analysis and handling of network security related events and security event management in a SOC environment
  • Experience/Education Equivalence: If the candidate has a relevant degree (eg Computer Security), this counts towards equivalence for demonstrable experience; however, irrespective of the candidate's education, hands-on experience within an equivalent role is required. A university degree will count towards a maximum of 2 years' equivalent experience.
  • Essential to have one or more professional SANS (eg GSEC, GCIA) certifications. CISSP or other relevant certifications will be considered an added benefit.
  • Expert level of management and analysis of security events and incidents (ie Security Event Analyst experience)
  • At least two of the following areas at expert level, and a high level of experience in several of the other areas:
      • Security Incidents Event Management products (SIEM) - eg ArcSight
      • Network Based Intrusion Detection Systems (NIDS) - eg SourceFire/Snort
      • Full Packet Capture systems - eg Niksun, RSA/NetWitness
      • Host Based Intrusion Detection Systems (HIDS)
      • Configuration, operation, troubleshooting and management (ie Tools Specialist) of security tools and appliances
      • Variety of Security Event generating sources (eg Firewalls, IDS, Routers, Security Appliances)
      • Computer Incident Response Centre (CIRT), Computer Emergency Response Team (CERT)
      • Computer forensics tools (stand alone, online and network)
      • Computer security tools (Vulnerability Assessment, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.)
      • Secure web design and development
      • Military communication systems and networks
      • Network, system and application level troubleshooting techniques

Start date: ASAP
Duration: 100 days
From: Proactive IT Recruitment Limited
Published at: 01.07.2016
Project ID: 1158212
Contract type: Freelance