Description
RT Consulting have been delivering innovative change & transformation to Defence, Government and Transport and Utilities Sectors for over 30 years. Our Associates are challenged to bring expert knowledge and creativity to drive sustainable and lasting change across our programmes.
We are looking to grow our team of Security Incident Event Managers (SIEM) who have experience of Splunk and ArcSight to join our society of RT Consulting Associates to help deliver large-scale capabilities and programmes with our European Defence Partner. You will be working on-site in Belgium representing RT Consulting, liaising with our partners and project stakeholders whilst enhancing the existing software, maintaining and monitoring the current system.
We would love to hear from you if you have the following experience -
- Extensive practical experience with SIEM and Log Aggregation products - egMicroFocus ArcSight and Splunk.
- Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
- Good knowledge of maintaining a secure enterprise network through configuring and managing typical Security Enforcing Devices, such as Firewalls, Proxies, IDS/IPS devices, HIDS/EPO.
- Knowledge of Sourcefire/Snort.
- Practical hands-on experience in systems and tools administration.
- Comprehensive knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
- Practical skills in writing bash, python or ansible scripts to support repetitive tasks automation, Linux system and application administration and troubleshooting.
- Solid understanding of regular expressions.
- Proficient with SIEM content creation - correlation rules, reports, dashboards.
Due to the nature of this project our Consultants need to hold current and active Security Clearance to a SC level, NATO Secret or a equivalent level of Security Clearance within a NATO member country.
RT Consultants have the opportunity to work across some of the largest, most complex Programmes of work being delivered across the UK. As a member of our RT Society, we aim to offer you as much support and project continuity as possible.
Please note that due to a large number of applications we are not always able to respond to you if you are not suitable for the project, however we will hold on to your CV for future projects.