Description
Security Engineer
We have been heavily invested in developing a comprehensive security strategy, in addition to implementing a SOC (Security Operations Center), appropriate governance, processes, training and awareness initiatives. We also provide managed security services for companies that leave the security monitoring of their infrastructure and applications to us. Within the Security Engineering team, the related intrusion detection and prevention technology is developed and kept up to date. Centrally, SIEM (Security Information and Event Management) systems enable Real Time analysis of security alerts, trite and vulnerability management tools, filtering, reporting and data analytics technologies. Evolutions within this rapidly changing domain are monitored closely.
As a junior engineer in the team, you will soon be able to perform independent projects under the supervision of a senior engineer. You will implement the security monitoring of new technologies and systems, from concept definition to implementation and testing. You will implement improvements to Real Time views and reporting. You will be involved in the definition of the Security Tool evolution, assist in implementing platform upgrades, and in evaluating new technologies within the domain.
Job Requirements:
ArcSight ESM and Splunk Enterprise infrastructure general knowledge
SmartConnectors monitoring
Forwarders monitoring
Occasional evening maintenance windows (19h -> )
Infrastructure sizing
Close relationship with vendor Support centres
Security Analysts support
Infrastructure administration
Deploy and support new engineering solutions into production
Profile:
To support extensions of our monitored products portfolio, we require the following skills:
Wide (not deep) knowledge of most common security products: Firewall, Proxy, IDS/IPS, Mail and Webgateways, Web application Firewalls,
ArcSight FlexConnectors/Parsing overrides development
Regular expressions coding
Good at technical writing
Perl and Shell Scripting
To help us with the demand for reporting projects:
Splunk and ArcSight reporting skills, including:
Usage of trends
Variables
Reports scheduling
Data models
Eval functions
Scheduled searches
Competences:
A first work experience (1 to 3 years) is definitely an advantage but not a requirement.
Knowledge/experience with IT systems, security management, SIEM (Splunk, ArcSight, other ) concepts are a plus
Good working knowledge of (Redhat) Linux & development for Linux.
Analysis and documentation skills as well as programming and implementation experience.
Communicative and assertive.
Able to work independently & as part of a team.
Sense of responsibility and self-initiative.
Flexible able to work around roadblocks if required, but always keeping the target in sight.
Language: Good knowledge of English (written and oral), any other language (Dutch, French ) is an extra advantage.