Cyber Security Event Analyst
- Employer
- Algida Gaidyte
- Location
- Mons, Belgium
- Salary
- Daily rate is negotiable
- Closing date
- 15 Jan 2019
- Clearance Level
- DV, SC, NATO
- Sector
- Consultancy, Cyber Security, Engineering
- Job Type
- Contract
LOCATION: Mons, Belgium
CLIENT: NATO
DURATION: 1 year with possible extensions
CONTRACT: Consultant
SALARY: Negotiable daily rate
WORK HOURS: Monday to Friday, normal working hours
CLEARANCE: NATO Secret
START DATE: 01/02/2019
TASKS
- This contractor will fill the cyber security event analyst position required for RSM (Resolute Support Mission)
- Contribute to the proper configuration of Afghan Mission Network (AMN)
- Support Level 1 Event Analysts for AMN
- Review the tickets
- Support for analysis of events
- Retrieval and support in the analysis of Full Packet Captures (FPC)
- Signature creation, e.g. SNORT rules
- Test and evaluation of signatures and rules prior to deployment in the operational environment
- Evaluation and implementation of sensor tuning requests
- Assistance in the support of legacy cyber sensor products
- Creation and updating of Standard Operating Procedures (SOPs) and Security Policies
- Provide, as requested, technical support to forensics investigation
- Ad-hoc tasking from the Incident Management Section (IMS) in support of investigations
- Write scripts to automate repetitive tasks and have the knowledge to interact with APIs
- Conduct and direct technical aspects of trend and threat analysis in order to optimise sensors and to propose modifications to audit policies to NATO security authorities
- Analyse and interpret advisories from national and non-government CERTs for their relevance to NATO CIS and the development of associated signatures and event correlation
- Conduct online research, such as developing new methods of detecting and monitoring new threats, keeping abreast of developments in the cyber arena
- Review and refine the event analysis processes in order to optimise sensor configuration and correlation capabilities
REQUIREMENTS
- Comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications
- Proficiency in Network (TCP/IP) Engineering and secure network design
- Expert level in at least two of the following areas and a high level of experience in several of the other areas
- Security Incidents Event Management products (SIEM) – e.g. ArcSight, Splunk
- Network Based Intrusion Detection Systems (NIDS) – e.g. SourceFire
- Full Packet Capture systems – e.g. Niksun, RSA/NetWitness
- Host Based Intrusion Detection Systems (HIDS)
- Configuration, operation, troubleshooting and management (i.e. Tools Specialist) of security tools and appliances
- A variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances)
- Computer forensics tools (stand alone, online and network)
- Experience in writing scripts to automate repetitive tasks
- Experience in office communication and information systems
- Proficiency in Intrusion/Incident Detection and Handling
- Have one or more professional SANS certifications