Cyber Defence System and Data Engineer (Must have Active DV Clearance)

Herefordshire - Onsite
This project has been archived and is not accepting more applications.

Description

We are IT Recruitment Specialists partnered with a prestigious Global Consultancy who require a Cyber Defence System and Data Engineer for one of their Public sector Clients based in Hereford.

  • IR35 - This role is Inside of IR35
  • Active DV Clearance holder

Role Description:

The Authority's Environment Level 3 System Engineer will join a rapidly growing security team responsible for the testing, implementation, deployment, maintenance, configuration and troubleshooting of the SIEM infrastructure hardware and software. The engineer will also assist with the continued development and maintenance of data pipelines and signature updates, and with the professional development of the system engineering team.

Tasks:

  • Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration.
  • Manage system/server resources including performance, capacity, availability, serviceability, and recoverability.
  • Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability.
  • Coordinate with Authority's Environment and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave.
  • Manage the compilation, cataloguing, distribution, and retrieval of data from a range of enterprise networks and data sources.
  • Implement data management standards, requirements, and specifications.
  • Develop data standards, policies, and procedures.
  • Analyse data sources to provide actionable recommendations and facilitate data-gathering methods.
  • Share knowledge, skills and experience, create and improve documentation, and train new members of the data engineering team.
  • Advise the organization, working in an engineering and consultative capacity, on Data Onboarding and on utilising tools (incl. Gigamon, Endace, proxies and diodes) to identify, onboard and continuously monitor key data feeds.
  • Document, validate and put in place operational processes that cover the complete Data Lifecycle.
  • Coordinate with Cyber Defence Analysts to manage and administer the updating of rules and signatures (e.g. intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defence applications.

Knowledge:

  • Knowledge of big data technologies and ecosystems.
  • Knowledge of current market and emerging leaders in data analytical and SIEM platforms.
  • Knowledge of network security implementations (e.g. host-based IDS, IPS), including their function and placement in a network.
  • Knowledge of intrusion detection systems and signature development.
  • Knowledge of Front End collection systems, including network traffic collection, filtering, and selection.
  • Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems.
  • Knowledge of cyber defence and information security policies, procedures and regulations.
  • Knowledge of network security architecture concepts including topology, protocols, components and principles.
  • Experience with SIEM and associated technology, e.g. NiFi, Splunk, Grafana.

Skills/Experience:

  • Previous experience of Enterprise ICS/network architectures and technologies.
  • Working with frameworks and technologies that support data-intensive distributed applications.
  • Experience maintaining and administering data analytical and SIEM platforms.
  • Experience using host and network-based IDS/IPS.
  • Experience using packet capture solutions.
  • Skill in developing and deploying signatures.
  • Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Ability to provide technical and service leadership to Authority's Environment Data Engineers (mentor/coach).
  • Desirable: Experience in developing data flows with Apache NiFi.

Desirable Qualifications/Certifications

  • Red Hat System Administration I & II (RH124/RH134).
  • Baseline Cyber Courses, e.g. Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp.
  • Certified engineer in a market leading data analysis/SIEM platform.
  • SANS SEC501 Advanced Security Essentials Enterprise Defender.
  • SANS SEC 511 Continuous Monitoring & Security Operations.
  • SANS SEC555: SIEM with Tactical Analytics.

If you are interested in this position and would like to learn more, please send through your CV and we will get in touch with you as soon as possible. Please note, candidates are often shortlisted within 48 hours.

Start date: ASAP
Duration: 12 months
From: J & C Associates Ltd
Published at: 20.09.2021
Project ID: 2209277
Contract type: Freelance