Description
IT Security Specialist - Belgium
1. Project
Context of the mission
The Monitoring Centre is responsible for monitoring security alerts that represent potential group-wide threats. These alerts are generated by an additional level of co-relation of alerts produced by solutions catering individual business areas.
As a Level 3 Security Specialist you will be responsible for supporting the Security Monitoring Centre (SMC) by sustaining the core SMC infrastructure on a day-to-day basis.
Further to this you may be also involved in providing expert assistance for in-depth analysis of security alerts generated by correlating logs from multiple technologies. You will be contributing towards providing enhanced visibility to the security posture of Group's IT infrastructure.
As a Level 3 Security Specialist you will be responsible for mentoring Level-1 and Level-2 security analysts in order to identify, analyze, and respond to attacks and abuse within the IT environment.
2. Task & responsibilities
Role
Complete operational responsibility for ArcSight Event Correlation System. Includes ArcSight ESM, Oracle Database, Connector Interfaces, Logger Appliances, Windows & Linux Servers, Network Appliance Storage, and Backups;
Responsibility for complete life cycle management with event source system administrators/owners. Including coordination & planning for system upgrades, new systems, as well as maintaining current operational event flows. Provide optimization of connector interfaces, aggregation, and data normalization;
Architect & develop custom Flex Connector as required to meet Use Case Objectives;
Apply Configuration Management disciplines to maintain hardware/software revisions, ArcSight Content, security patches/hardening, & documentation;
Develop & manage Use Case and Content. Provide guidance for Use Case/Content development to security analyst & network engineering staff. Analyze requirements of engineering, operations and security staff and develop Use Cases/Content to improve efficiency & effectiveness in each discipline;
Manage/Coordinate relationships, projects, and open issues with ArcSight Support, Professional Services staff, and L-3 Enterprise WAN team
Mentor, lead, and train security analysts.
Lead the effort and work towards improving the existing process and procedures required for security monitoring operations;
3. Competences
Education
Master degree or equivalent
Personal skills
Mandatory:
Strong logical and analytical skills to help define new use cases, statistical correlation rules and analytical monitoring functions;
Strong troubleshooting skills (Complex Network and Security Problem Resolution);
Passion and drive to work in start-up division with potential of significant growth in scope and services;
You are highly disciplined and motivated, able to work independently, under direction, or as a member of a team.
Business experience required
Mandatory:
7+ years of experience within the IT security domain
Preferable:
Prior experience of working in process oriented organisation;
Technical experience required
Mandatory:
3 years of experience with ArcSight ESM and associated Oracle database systems and storage technologies
AEIA & AESA Certification;
CISSP Certification;
CEH Certification;
CCNA Certification;
MCSE or Solaris/HP Unix or Linux Administration (eg RHCE) Certification;
ITIL Foundation Certification;
Preferable:
Engineering experience with ArcSight ESM 4.0+ (deployment and administration) is a plus;
Experience with security device installations, configuration and troubleshooting (eg, Firewall, IDS, etc.)
CISM Certification;
CISA Certification;
SANS GSAC
Security product certification like CCSA/SE (Checkpoint Certified Security Administrator/Engineer);
SANS GIAC Certified Incident Handler or equivalent;
4. Languages:
- Good verbal and written communication in English, fluent French speaking
Templeton are pleased to have been listed in the 2010 Recruiter magazine Fast 50, a ranking of the 50 fastest growing recruitment companies in the UK based on audited figures in Companies House. We were placed 1st out of pure IT Recruitment companies and wish to thank you for contributing to our past, current and future success.