Cyber Security Event Analyst
Posted on Apr 23, 2020 by WDS Global Limited
Job Title: Cyber Security Event Analyst
Job Type: Contract
Job Location: Mons, Belgium
Contract Rate: Market rate
Contract Length: End of year with possible extensions
MUST BE NATO CLEARED
Our Client, one of the world's foremost IT Consultancies, is looking to recruit a Contract Cyber Security Event Analyst to join their client in Mons, Belgium.
Requirement Description: This contractor will fill the cyber security event analyst position required for networks in the Cyber Security Centre's Area of Responsibility including RSM (Resolute Support Mission).
- Perform analysis of security events and support First Line Security Event Analysts.
- Perform ticket reviews.
- Retrieval and support in the analysis of Full Packet Captures (FPC).
- Signature creation e.g. SNORT rules.
- Test and evaluation of signatures and rules prior to deployment in the operational environment.
- Evaluation and implementation of sensor tuning requests.
- Creation and updating of Standard Operating Procedures (SOPs) and Security Policies.
- Contribute to the proper configuration of Afghan Mission Network (AMN).
- Provide, as requested, technical support to forensics investigations.
- Ad-hoc tasking from the Monitoring Detection Section (MDS) in support of investigations.
- Write scripts to automate repetitive tasks and have knowledge to interact with APIs.
- Conduct and direct technical aspects of trend and threat analysis in order to optimise sensors and to propose modifications to audit policies to security authorities.
- Analyse and interpret advisories from national and non-government CERTs for their relevance to the CIS and the development of associated signatures and event correlation.
- Conduct online research, such as developing new methods of detecting and monitoring new threats, keeping abreast of developments in the cyber arena.
- Review and refine the event analysis processes in order to optimise sensor configuration and correlation capabilities.
- Comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications.
- Proficiency in Network (TCP/IP) Engineering and secure network design.
- Expert level in at least two of the following areas and a high level of experience in several of the other areas:
- Security Incidents Event Management products (SIEM) - e.g. ArcSight, Splunk.
- Network Based Intrusion Detection Systems (NIDS) - e.g. SourceFire.
- Full Packet Capture systems - e.g. Niksun, RSA/NetWitness.
- Host Based Intrusion Detection Systems (HIDS).
- Configuration, operation, troubleshooting and management (i.e. Tools Specialist) of security tools and appliances.
- A variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances).
- Computer forensics tools (stand alone, online and network).
- Experience in writing scripts to automate repetitive tasks.
- Experience in office communication and information systems.
- Proficiency in Intrusion/Incident Detection and Handling.
- Have one or more professional SANS certifications.
This is a great role for the right candidate, so if you meet all the criteria above, then APPLY TODAY!