Security Engineer (Cyber Defence)

Brussels - Onsite
This project has been archived and is not accepting more applications.

Description

Cyber Defence - Security Monitoring & Incident Response Expert

Tier 1 - Security Monitoring

  • Alert monitoring to detect potentially malicious or anomalous activity based on event data (log files and data outputs) from a wide range of IT systems and network components (see Miscellaneous).
  • Alert, performance and threshold tuning and analysis across the tool sets, based on traffic patterns and other data.
  • Develop & maintain monitoring and reporting dashboards.
  • Produce and review periodic metrics with regard to security monitoring.

Tier 2 - Alert Qualification

  • Investigate security alerts leveraging a wide range of IT systems and network components (see Miscellaneous), as well as threat intelligence to qualify potential incidents.
  • Escalate confirmed incidents to the incident responder on duty.
  • Develop & maintain automation scripts and tools.
  • Provide feedback to Security Monitoring/Engineering to improve detection and protection controls.

Tier 3 - Incident Response

  • During your duty as incident responder (on call 24/7, one week out of six) you will respond to escalated security alerts/incidents.
  • Perform and/or facilitate digital forensics on workstations, servers, network components, mobile devices and applications.
  • Develop and maintain incident response plan and procedures.
  • Test the Incident Response capability through regular exercises.
  • Proactively look for potential incidents through threat hunting activities.

Miscellaneous

  • Stay up-to-date with trends in the information security community including new vulnerabilities, methodologies and products.
  • Leverage a wide range of IT systems and network components: IDS/IPS, Firewalls, Web Access Security, SIEM, EDR and DLP systems, Honeypots and other sources.

Education

Bachelor/Master or equivalent by experience

Languages

  • French: good speaking and writing, or
  • Dutch: good speaking and writing, and
  • English: fluent speaking and writing

Required knowledge/Experience

Experience

3+ years of experience in information security.

Technical Experience

Mandatory

(demonstrate general knowledge of most of the following, with deep understanding in at least one or two areas)

  • Good understanding of IT security technology and processes (secure networking, web infrastructure, WinTEL, UNIX, Linux, etc.);
  • Knowledge of different key protocols and services throughout the seven layers of the OSI model (IP, ICMP, TCP, UDP, Telnet, SSH, SMTP, POP3, HTTP(S), FTP, DNS).
  • Familiarity with common cyber threat modus operandi, tools and techniques (TTP: tools, techniques and procedures)
  • Familiarity with deterministic detection schemes and use of observables (IOC: indicators of compromise)

Preferable

  • Past experience in an incident response context.
  • Knowledge of various IDS/IPS, NetFlow, and protocol collection and analysis tools such as Snort, Suricata, Bro, Argus, SiLK, tcpdump, and Wireshark.
  • Knowledge of log aggregation, SIEM solutions and search and analytics engines such as QRadar, Splunk, ArcSight, ELK.
  • Experience with programming and scripting languages: most notably Perl, Ruby, and Python.
  • Experience with text manipulation tools, such as SED, AWK and grep.
  • Experience with penetration testing tools such as Metasploit, CORE Impact, or Kali Linux.
  • Web application security development (OWASP).
  • Knowledge of popular cryptography algorithms and protocols: AES, RSA, MD5, SHA, Kerberos, SSL/TLS, Diffie-Hellman.
  • Knowledge of some NIDS/NIPS or HIDS/HIPS tools.
  • Knowledge of media forensics and analysis tools.
  • Knowledge of automation of data interfacing and machine to machine communication.

If you are interested then please send your CV to (see below) - (French or Dutch speaking candidates only)

Start date: ASAP
Duration: 6-12 month renewable contract
From: Penta Consulting
Published at: 09.08.2018
Project ID: 1612274
Contract type: Freelance