SOC Junior Analyst - Luxembourg - €450 - €500 PD

LU  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

An exciting opportunity has arisen for a Junior Security Analyst to join a Tier 1 global supplier of IT Services in Luxembourg.

1. Perform security events monitoring (System security monitoring)

Using our customer's security information and event management (SIEM) infrastructure, perform security event monitoring (security analysis) of IT systems and components operated by DIGIT (an example list of events to monitor is provided in the Appendix).

Based on this analysis, appropriate security incident management steps will be carried out in collaboration with security operational teams.

2. Take part in the monitoring policies management process

In close relationship with the customers or system owners, and according to established service level agreements, the job holder will make sure that the monitoring policy allows an efficient detection of potential incidents.

Therefore, he/she will take part in:

  • Analysing customer's risks and security policy requirements;
  • Translating them into technical events targeting the system components;
  • Identifying the required logs/files/artefacts to collect from the monitored system and if necessary, possible complementary devices to deploy;
  • Elaborating the relevant detection and correlation rules;
  • Implementing these rules in the SIEM infrastructure;
  • Reviewing and improving the monitoring policy on a regular basis.

3. Take part in the design of the monitoring architecture

The job holder will contribute to the design of the overall monitoring architecture, in close relationship with the customers/system owners, on the one hand, and the Back End team, on the other hand, by performing the following tasks:

  • Assessment of security events detection solutions, development of solutions;
  • Integration of these solutions within the security monitoring scheme (log collection architecture, interoperability, formats, network aspects);
  • Deployment and validation of the solutions;
  • Draft documentation such as architecture design descriptions, assessment reports, configuration guides, security operating procedures.

This includes (but is not limited to) the following components:

  • Network based devices
    • Firewalls;
    • Network IDS and IPS;
    • APT detection solutions such as FireEye;
    • DNS, DHCP, VPN
  • Host based components
    • HIPS;
    • Malware detection;
    • OS and application logs

4. EDUCATION, KNOWLEDGE, SKILLS AND EXPERIENCE

The job holder must possess the following technical skills:

  • Experience in incident handling; SANS GCIH certification is a real advantage;
  • Experience in SIEM solutions, namely ArcSight ESM and Logger design, implementation and engineering;
  • Experience in UNIX (Sun Solaris and Red Hat Linux) system administration and/or Oracle databases;
  • Experience with basic network protocols such as TCP/IP, IPsec, SMTP, DNS, etc., and network equipment such as switches, hubs, routers, etc.;
  • Hands-on experience in the security of Windows/Unix (including Linux) environments;
  • Knowledge of scripting languages (Perl, Python, Windows PowerShell).

Start date: ASAP
Duration: initial 6m
From: Sola Technology Ltd
Published at: 07.02.2015
Project ID: 846861
Contract type: Freelance