Description
To support modifications of the current Security Operations Centre I am looking for an experienced IT Security Engineer to take part in the following tasks:
- Design/Install/Configure an intrusion detection architecture based on open source solutions such as SNORT/SURICATA/BRO
- Design/Install/Configure Netflow system
- Design/Install/Configure Full packet capture solution
- Design template for Linux system logging
- Design/Install/Configure communication architecture with EATM-CERT (CS6-7)
- Use case definition - SPLUNK engine queries/policy
- Define and document SPLUNK standards (naming, directory structure, archiving mechanisms, log retention)
Skills required include:
- IT security expertise (min 3 years): experience in computer security engineering with hands-on working knowledge of information security and working knowledge of Windows system administration
- Expert knowledge of IT and security systems concept/architecture (switching/Firewalls/VPN/IDS/SIEM)
- Expert knowledge of TCP/IP
- Expert knowledge of Linux operating system and strong hands-on Linux system administration knowledge
- Advanced scripting knowledge (python/bash/regular expressions)
- Expert knowledge of design, installation & configuration of open source intrusion detection software (SNORT/SURICATA/BRO)
- Knowledge/hands-on experience with SPLUNK
Secret security clearance is essential for this position.