Cyber Security Event Analyst

Mons (Arrondissement), Hainaut (BE)
Approx daily rates in Euros: 300.00-400.00 per day
21 Oct 2020
18 Nov 2020

• Comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications.
• Proficiency in Network (TCP/IP) Engineering and secure network design.
• Expert level in at least two of the following areas and a high level of experience in several of the other areas:
• Security Incidents Event Management products (SIEM) – e.g. ArcSight, Splunk.
• Network Based Intrusion Detection Systems (NIDS) – e.g. SourceFire. 
• Full Packet Capture systems – e.g. Niksun, RSA/NetWitness.
• Host Based Intrusion Detection Systems (HIDS).
• Configuration, operation, troubleshooting and management (i.e. Tools Specialist) of security tools and appliances.
• A variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances).
• Computer forensics tools (stand alone, online and network).
• Experience in writing scripts to automate repetitive tasks.
• Experience in office communication and information systems.

Desirable:
• Proficiency in Intrusion/Incident Detection and Handling.
• Have one or more professional SANS certifications.

This contractor will fill the cyber security event analyst position required for networks in NATO Cyber Security Centre’s Area of Responsibility including RSM (Resolute Support Mission).

• Perform analysis of security events and support First Line Security Event Analysts.
• Perform ticket reviews. 
• Retrieval and support in the analysis of Full Packet Captures (FPC).
• Signature creation e.g. SNORT rules.
• Test and evaluation of signatures and rules prior to deployment in the operational environment.
• Evaluation and implementation of sensor tuning requests.
• Creation and updating of Standard Operating Procedures (SOPs) and Security Policies.
• Contribute to the proper configuration of the Afghan Mission Network (AMN).
• Provide, as requested, technical support to forensics investigations.
• Ad-hoc tasking from the Monitoring Detection Section (MDS) in support of investigations.
• Write scripts to automate repetitive tasks and have knowledge to interact with APIs.

Desirable:
• Conduct and direct technical aspects of trend and threat analysis in order to optimise sensors and to propose modifications to audit policies to NATO security authorities.
• Analyse and interpret advisories from national and non-government CERTs for their relevance to NATO CIS and the development of associated signatures and event correlation.
• Conduct online research, such as developing new methods of detecting and monitoring new threats, keeping abreast of developments in the cyber arena.
• Review and refine the event analysis processes in order to optimise sensor configuration and correlation capabilities.
