Security Engineer

Brussels  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

Over the past years, our client has invested heavily in developing a comprehensive security strategy, in addition to implementing a SOC (Security Operations Center), appropriate governance, processes, training and awareness initiatives.
Our client also provides managed security services for companies that leave the security monitoring of their infrastructure and applications to them.
Within the Security Engineering team, the related intrusion detection and prevention technology is developed and kept up to date.
Centrally, SIEM (Security Information and Event Management) systems enable real-time analysis of security alerts, together with threat and vulnerability management tools, filtering, reporting and data analytics technologies. Developments within this rapidly changing domain are monitored closely.

As a junior engineer in the team, you will soon be able to carry out independent projects under the supervision of a senior engineer. You will implement the security monitoring of new technologies and systems, from concept definition to implementation and testing. You will implement improvements to real-time views and reporting. You will be involved in defining the evolution of the security tooling, assist in implementing platform upgrades, and help evaluate new technologies within the domain. Are you curious, do you have an analytical mind, and are you always looking for solutions? Do you work independently, pay attention to detail, and like to work with different people inside and outside the team?
Apply for this function.

Job Requirements:
To support extensions of our monitored products portfolio, they require the following skills:
Wide (not deep) knowledge of most common security products: Firewall, Proxy, IDS/IPS, Mail and Web gateways, Web Application Firewalls
ArcSight FlexConnectors/Parsing overrides development
Regular expressions coding
Good at technical writing
Perl and Shell Scripting
To help them with the demand for reporting projects:
Splunk and ArcSight reporting skills, including:
For ArcSight:
Usage of trends
Variables
Reports scheduling

For Splunk:
Data models
Eval functions
Scheduled searches

In General:
Understanding of the business needs
Finding the best way to cover requirements and designing searches/queries
Knowledge of the tools limitations
Documentation (both toward the business and toward internal technical teams)

Duties and Responsibilities:
ArcSight ESM and Splunk Enterprise infrastructure general knowledge
Forwarders and SmartConnectors concept and differences
Indexer, Search heads and ESM Manager concepts and differences
Multi-tier (ArcSight)
Indexer and Search Heads clustering (Splunk)
SmartConnectors monitoring
Connectors' logs analysis
Functionality issues troubleshooting
Parsing issues troubleshooting
Handling and tracking heterogeneity in connector parameters
Forwarders monitoring
Forwarding events from Splunk to ArcSight monitoring & troubleshooting
Heavy and Universal forwarders troubleshooting and central management
Occasional evening maintenance windows (19h -> )
Connectors upgrades (software, AUPs)
Git for versioning and release management
ArcSight ESM and Splunk upgrades
Important structural changes in the infrastructure
Infrastructure sizing
Devices throughput monitoring
Sizing/dimensioning issues detection (pre-process, post-process)
Close relationship with vendor Support centers
Create tickets for operational issues
Proactive follow-up of tickets
Security Analysts support
P.O.C. for security analysts' incidents
Take ownership of operational issue incidents
Dispatch engineering related incidents
Infrastructure administration
User permissions configuration
New/Terminated users monitoring
Connector and forwarders remote deployment and management
Deploy and support new engineering solutions into production
Support during solution roll out
Support for complex problems
Feedback on issues encountered and documentation

Competences:
Language: Good knowledge of English (written and oral), any other language (Dutch, French) is an extra advantage.
Communicative and assertive.
Able to work independently & as part of a team.
Sense of responsibility and self-initiative.
Flexible - able to work around roadblocks if required, but always keeping the target in sight.
Able to deliver work of high quality.
A first work experience (1 to 3 years) is definitely an advantage but not a requirement.
Knowledge/experience with IT systems, security management, SIEM (Splunk, ArcSight, other) concepts are a plus.
Good working knowledge of (Redhat) Linux & development for Linux.
Analysis and documentation skills as well as programming and implementation experience.
Working location/hours: Brussels/Office hours. (Occasional evening maintenance windows: 19h -> 23h).

Start date: 01/08/17
Duration: 22 weeks
From: Volt
Published at: 12.07.2017
Project ID: 1378926
Contract type: Freelance