Description
Security Engineer (SIEM) required for a leading European Institution in Belgium.
Summary:
- Subject Matter Expert as part of a small engineering team.
- Support to bids and the translation of High Level Designs into Low Level Designs.
- Creation of work packages for the team.
- Support to the Project and Business Unit Leader in the execution of these duties.
- Knowledge transfer and mentoring the team.
- Hands-on deployment of their knowledge of SIEM and other cyber security technologies.
- Fault finding and problem solving.
- Experienced ArcSight Admin.
- Experienced with log aggregation technologies.
Skills:
- Linux experience (RedHat/CentOS).
- Experienced in the use of one or more SIEM products, e.g. ArcSight, QRadar, RSA, McAfee, LogRhythm, Splunk.
- Experienced with supplementary SOC products, e.g. IDS, packet capture, DLP, forensics, vulnerability assessment tools.
- Good understanding of application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, ARP).
- Good understanding of network device, security device and operating system logging capabilities.
- Experienced with integrating existing IT infrastructures into a SIEM/SOC solution from inception through to support.
- Strong understanding and experience implementing alert correlation with multiple data sources within a SIEM.
- Understanding of various SOC standards and reporting requirements, e.g. GPG13.
- Experience implementing SOC reporting and governance.
- Experience with SOC automation and workflow products such as Archer GRC.
NOTE: You must be able and willing to obtain NATO clearance before the start of the contract.