Cyber Security Intelligence Analyst

Mons (Arrondissement), Hainaut (BE)
Approx. daily rates in Euros: 350.00-450.00 per day
21 Oct 2020
18 Nov 2020
Clearance Level
Job Type

Skills Knowledge Experience:
* Significant demonstrable experience in a Cyber Security related environment, with an emphasis on both event analysis and post-Incident Management.
* Experience in liaising at both the technical and managerial level in the successful resolution of Cyber Security Incidents; the incumbent must have excellent written and spoken communication skills.
* Experience in producing accurate and meaningful reports, both technical and managerial, on activities related to Cyber Security Incidents.
Experience / Education Equivalence:
* If the candidate has a RELEVANT degree (e.g. Computer Security), this counts towards equivalence for the demonstrable experience; however, irrespective of the candidate's education, some hands-on experience within an equivalent role is required.
* Essential to have one or more professional SANS (e.g., GSEC, GCIA) and/or CISSP and/or CISM Certifications.
* Senior level of management and analysis of (i.e. Security Event Analyst experience) Cyber Security Incidents, and/or configuration, operation, troubleshooting and management (i.e. Tools Specialist) in at least one of the following areas, and a high level of experience in several of the other areas:
* ArcSight products, Network Based Intrusion Detection Systems (NIDS), Host Based Intrusion Detection Systems (HIDS), Network security appliances and networking devices and associated management software.
* A variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances), Computer Incident Response Centre (CIRC), Computer Emergency Response Team (CERT), Computer Forensics Tools (stand alone, online and network).
* Computer Security Tools (Vulnerability Assessment, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.). Secure web design and development.
* Military communication systems and networks. Network, system and application level troubleshooting techniques.
* Ability to effectively manage own workload in a high tempo environment to Time, Quality and Standards.
* Ability to effectively communicate technical solutions to various audiences, both technical/non-technical.
* Be self-motivated and driven to follow-up Cyber Security Incidents to their logical conclusion.
* Security clearance to NATO SECRET.
* Ability to work in an International environment embedded in the Customer's location in mainland Europe.
* Previous experience of working with NATO.

As the Incident Handling Officer dedicated to the interaction with NATO Partners (Industry, non-NATO Nations, NGOs, etc.), embedded within the NCIRC working environment, the successful candidate will be required to use their knowledge and experience to work on Cyber Security Incident Handling and Reporting, with an emphasis on post-Incident Analysis.

Their role will involve fusing Cyber Threat Intelligence & Analysis from all relevant sources currently available to NCIRC for redistribution based on existing MoUs, Technical Agreements and Industry Partnership Agreements.

The incumbent will also be in charge of engaging with NATO Cyber Threat Intelligence Stake Holders to improve the quantity/quality of information exchanged.
The incumbent will maintain the content of existing information sharing platforms (i.e. MISP) as well as propose improvements. He will foster and maintain an active information sharing relationship with CSSL partners and contribute to CSSL products.

Key Responsibilities: 
• Collation/Analysis of Cyber Threat Intelligence.
• Dissemination of Cyber Threat Analysis to the appropriate audiences.
• Pro-active engagement with the Cyber Threat Intelligence Community both internal/external to NATO.
• Monthly reporting on approved KPIs for Cyber Threat Intelligence sources.
• Creation/maintenance of Standard Operating Procedures (SOPs) to support all aspects of their role.
• Monthly reporting to both the Customer and Business Stake Holders.
• Ad-hoc taskings from the Incident Management Section (IMS) in support to investigations.
• Improvement of NCIRC TC processes for receiving, searching, analysing, and storing cyber threat data.
• Design/maintain/improve an automatic Cyber Threat sharing capability.
• Regular, at least monthly, Knowledge Transfer meetings with appropriate Stake Holders, focusing on: Key Cyber Security Threats, particularly those that may have an impact on NATO Significant Cyber Security Incidents, including relevant post-Incident Analysis. Improvements to the Cyber Security processes currently in use within NCIRC TC IMS. Cyber Security Incident Trends.
