Cyber Security Events Analyst

Location: Mons, Belgium
Salary: Negotiable
Posted: 10 Apr 2017
Closes: 08 May 2017
Ref: TI1170
Clearance Level: DV, NATO, SC
Job Type: Contract

CYBER SECURITY EVENTS ANALYST

LOCATION: Mons, Belgium

CLIENT: NATO

DURATION: 5 months with extensions

CONTRACT: Consultant

SALARY: Negotiable daily rate

WORK HOURS: Monday to Friday, normal working hours

CLEARANCE: NATO SECRET

TASKS:

  • Provide technical support and assistance to NATO CIS Operating Authorities
  • Analyse and interpret advisories from national and non-government CERTs for their relevance to NATO CIS and development of associated signatures and event correlation
  • Assist in initial selection and assessment of security tools relating to Event Analysis Cell responsibilities
  • Manage 24/7 event analysis activities
  • Perform technical coordination as required with national, non-governmental and NATO CIS authorities
  • Provide, as requested, technical support to forensic investigation
  • Develop customised sensor and correlation filters and signatures to address NATO-specific threats and vulnerabilities
  • Develop signature database to record all authorised event filters, customised signatures and sensor configurations
  • Provide technical direction to cell head incident-related research conducted by the Cell
  • Review and refine event analysis processes in order to optimise sensor configuration and correlation capabilities
  • Conduct and direct technical aspects of trend and threat analysis in order to optimise NCIRC sensors and to propose modifications to audit policies to NATO security authorities
  • Prepare and deliver reports and presentations to NATO and national security authorities, INFOSEC communities and CIS operating authorities on all aspects of event analysis and interpretation
  • Co-ordinate assistance to TIER 3 as required in respect to event analysis and interpretation
  • Develop standard operating procedures covering all aspects of event analysis

REQUIREMENTS:

  • Comprehensive knowledge of principles of computer and communications security, networking and vulnerabilities of modern operating systems and applications
  • Proficiency with Network (TCP/IP) Engineering and secure network design
  • Proficiency with Intrusion/Incident Detection and Handling
  • Proficiency with Security Assessment
  • Practical experience in system administration and network administration
  • Experience in analysis of risk and in implementation and integration of cyber security protective measures
  • Experience in office communication and information systems
  • NATO SECRET clearance required

DESIRABLES:

  • Degree in IT or CIS security related discipline
  • Member of recognized professional body or institution
  • Relevant certifications, such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or GIAC Security
  • Experience in interpretation and mitigation of CIS security vulnerabilities
  • Experience in Intrusion Detection and Incident Handling