Cyber Security Intelligence Analyst
Skills, Knowledge, Experience:
* Significant demonstrable experience in a Cyber Security related environment, with an emphasis on both event analysis and post-Incident Management.
* Experience in liaising at both the technical and managerial level in the successful resolution of Cyber Security Incidents; the incumbent must have excellent written and spoken communication skills.
* Experience in producing accurate and meaningful reports, both technical and managerial, on activities related to Cyber Security Incidents.
Experience / Education Equivalence:
* If the candidate has a RELEVANT degree (e.g. Computer Security), this counts towards equivalence for the demonstrable experience; however, irrespective of the candidate's education, some hands-on experience within an equivalent role is required.
* Essential to have one or more professional SANS (e.g., GSEC, GCIA) and/or CISSP and/or CISM Certifications.
* Senior-level management and analysis of Cyber Security Incidents (i.e. Security Event Analyst experience), and/or configuration, operation, troubleshooting and management (i.e. Tools Specialist) in at least one of the following areas, and a high level of experience in several of the other areas:
* ArcSight products, Network Based Intrusion Detection Systems (NIDS), Host Based Intrusion Detection Systems (HIDS), Network security appliances and networking devices and associated management software.
* A variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances), Computer Incident Response Centre (CIRC), Computer Emergency Response Team (CERT), Computer Forensics Tools (stand alone, online and network).
* Computer Security Tools (Vulnerability Assessment, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.). Secure web design and development.
* Military communication systems and networks. Network, system and application level troubleshooting techniques.
* Ability to effectively manage own workload in a high tempo environment to Time, Quality and Standards.
* Ability to effectively communicate technical solutions to various audiences, both technical/non-technical.
* Be self-motivated and driven to follow up Cyber Security Incidents to their logical conclusion.
* Security clearance to NATO SECRET.
* Ability to work in an International environment embedded in the Customer's location in mainland Europe.
* Previous experience of working with NATO.
As the Incident Handling Officer dedicated to the interaction with NATO Partners (Industry, non-NATO Nations, NGOs, etc.), embedded within the NCIRC working environment, the successful candidate will be required to use their knowledge and experience to work on Cyber Security Incident Handling and Reporting, with an emphasis on post-Incident Analysis.
Their role will involve fusing Cyber Threat Intelligence & Analysis from all relevant sources currently available to NCIRC for redistribution based on existing MoUs, Technical Agreements and Industry Partnership Agreements.
The incumbent will also be in charge of engaging with NATO Cyber Threat Intelligence Stake Holders to improve the quantity/quality of information exchanged.
The incumbent will maintain the content of existing information sharing platforms (i.e. MISP) as well as propose improvements. He will foster and maintain an active information sharing relationship with CSSL partners and contribute to CSSL products.
• Collation/Analysis of Cyber Threat Intelligence.
• Dissemination of Cyber Threat Analysis to the appropriate audiences.
• Proactive engagement with the Cyber Threat Intelligence Community both internal/external to NATO.
• Monthly reporting on approved KPIs for Cyber Threat Intelligence sources.
• Creation/maintenance of Standard Operating Procedures (SOPs) to support all aspects of their role.
• Monthly reporting to both the Customer and Business Stake Holders.
• Ad-hoc taskings from the Incident Management Section (IMS) in support of investigations.
• Improvement of NCIRC TC processes for receiving, searching, analysing, and storing cyber threat data.
• Design/maintain/improve an automatic Cyber Threat sharing capability.
• Regular, at least monthly, Knowledge Transfer meetings with appropriate Stake Holders, focusing on: Key Cyber Security Threats, particularly those that may have an impact on NATO Significant Cyber Security Incidents, including relevant post-Incident Analysis. Improvements to the Cyber Security processes currently in use within NCIRC TC IMS. Cyber Security Incident Trends.