Cyber Security Analyst/Splunk
Posted on Sep 30, 2020 by Endeavour Recruitment
Splunk Cyber Security Analyst with extensive Splunk experience required to reinforce its fast-growing Security team.
Location: The Hague, Netherlands
As a Cyber Security Analyst, you will be part of the Security team involved in various Security projects including: cybersecurity, cryptography, PKI, reverse engineering, malware detection, penetration testing, Security of critical systems, Security Analysis.
- Actively monitor customer network and security logs (using primarily Splunk)
- Build relevant Splunk reports
- Identify, escalate and if necessary investigate cybersecurity anomalies and potential security incidents together with Customer staff
- Analyse and respond to cybersecurity related anomalies reported by users
- Draft workflows and procedures regarding security monitoring and investigations
- Propose strategies and prepare mechanisms for the prevention, containment and addressing of cyber threats
Secondary tasks
In addition to the primary tasks identified above, in partnership with our SOC (non-exhaustive list):
- Carry out penetration and/or vulnerability tests on specific system(s)
- Prepare and/or deliver awareness raising sessions
- Conduct technical risk assessments of specific systems using Customer templates and methodologies
- Analyse technical security impact of new technologies planned to be deployed
- Develop technical security controls for new and existing systems/technologies deployed at Eurojust
- Provide technical security expertise in discussions about different systems/solutions
- 4+ years direct experience with Splunk as an Engineer or Administrator.
- 7+ years of experience investigating network threats with advanced analysis experience of multiple attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques, APTs, etc.
- TCP/IP Networking skills to perform packet and log analysis.
- Must be a motivated and customer-focused SIEM engineer who can work as a subject matter expert.
- Requires expert level understanding of SIEM platforms.
- Strong understanding of Splunk Use Case creation, Dashboards and Tuning.
- Strong Splunk Enterprise Security (ES) experience to include Index Design, Infrastructure, Data Collection, Deployment Management, Data Enrichment, Querying, Integration and Operations.
- Security Analysis experience to include incident classification, investigation and remediation.
- Must have, or be qualified to obtain, a government clearance at the Secret level.
Your Profile
- Degree in Computer Science or related field
- Fluent in English as this is the communication language in the region and Group
- Diplomacy and pragmatism: ability to transform governance into technical solutions
- Project Management skills are a plus
- Must be able to pass a background check; valid clearance to EU Secret and NATO Secret is a plus
Please apply with your CV reflecting the required skills and experience.