Splunk Cyber Security Analyst
Posted on Sep 19, 2020 by Endeavour Recruitment
Splunk Cyber Security Analyst with extensive Splunk experience required to reinforce its fast-growing Security team.
The Hague, Netherlands
Rate: 450€ per day
As a Cyber Security Analyst, you will be part of the Security team involved in various Security projects including: cybersecurity, cryptography, PKI, reverse engineering, malware detection, penetration testing, Security of critical systems, Security Analysis.
o Actively monitor customer network and security logs (using primarily Splunk)
o Build relevant Splunk reports
o Identify, escalate and if necessary investigate cybersecurity anomalies and potential security incidents together with Customer staff
o Analyse and respond to cybersecurity related anomalies reported by users
o Draft workflows and procedures regarding security monitoring and investigations
o Propose strategies and prepare mechanisms for the prevention, containment and addressing of cyber threats
o In addition to the primary tasks identified above, in partnership with our SOC (non-exhaustive list):
o Carry out penetration and/or vulnerability tests on specific system(s)
o Prepare and/or deliver awareness raising sessions
o Conduct technical risk assessments of specific systems using Customer templates and methodologies
o Analyse technical security impact of new technologies planned to be deployed
o Develop technical security controls for new and existing systems/technologies deployed at Eurojust
o Provide technical security expertise in discussions about different systems/solutions
4+ years direct experience with Splunk as an Engineer or Administrator.
7+ years of experience investigating network threats with advanced analysis experience of multiple attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques, APTs, etc.
TCP/IP Networking skills to perform packet and log analysis.
Must be a motivated and customer-focused SIEM engineer who can work as a subject matter expert.
Requires expert level understanding of SIEM platforms.
Strong understanding of Splunk Use Case creation, Dashboards and Tuning.
Strong Splunk Enterprise Security (ES) experience to include Index Design, Infrastructure, Data Collection, Deployment Management, Data Enrichment, Querying, Integration and Operations.
Security Analysis experience to include incident classification, investigation and remediation.
Must have, or be qualified to obtain, a government clearance at the Secret level.
Degree in Computer Science or related field
Fluent in English as this is the communication language in the region and Group
Diplomacy and pragmatism: ability to transform governance into technical solutions
Project Management skills are a plus
Must be able to pass a background check; valid clearance to EU Secret and NATO Secret is a plus
Please apply with your CV reflecting the required skills and experience.