Description
SOC Consultant | £450/day - £525/day | Luxembourg or Brussels
A SOC Consultant is currently required to join a Governmental agency with headquarters in based in Luxembourg or Brussels.
The organisation in question currently has a mandate to expand their existing Cyber Security Defence capability and are looking to add Analysts, Engineers, Consultants and Architects with Qradar and Arcsight expertise tot their European SOC.
Day to Day Activities
- Monitor open tickets for incidents/vulnerabilities from start to resolution
- Escalate unresolved problems to higher levels of support, including the incident response
- and vulnerability mitigation teams
- Configure the SIEM components for an optimal performance
- Improve correlation rules to ensure that the monitoring policy allows an efficient detection of
- potential incidents.
- Integrate cyber-defence solutions for efficient detection
- Define dashboards and reports for reporting on KPIs.
- Produce qualified reports (including recommendations) or alerts to SOC customers and follow-up on actions
- Contribute to the design of the overall monitoring architecture, in close relationship with the customers/system owners, on the one hand, and the security operations engineering team
- Assessment of security events detection solutions, development of solutions:
- Management of identities and its related user accounts
- Management of groups, roles and other means of authorisation
- During security incidents, implement detection means to monitor attacker activities in Real Time
- During security incidents, support the incident response team in the review/analysis of security logs and visualise the attack.
- Integrate IOCs in security solutions
Skills and Requirements
- Networking (TCP/IP, SNMP, DNS, Syslog-ng, etc.)
- Experience in using, configuring and tuning a SIEM (Arcsight, Qradar)
- Knowledge in network security solution/technologies
- Knowledge in Host based security solutions
- Strong knowledge in windows security event analysis
- Strong knowledge in the security analysis of Firewall, Proxy and IDS logs
- Writing and optimising IDS signatures
- Strong knowledge in the security analysis of applicable Middleware logs
- Log management