Cyber Security Event Analyst

Location
Mons (Arrondissement), Hainaut (BE)
Salary
Approx daily rates in Euros: 300.00-400.00 per day
Posted
21 Oct 2020
Closes
18 Nov 2020
Ref
JG/1471A
Clearance Level
NATO, SC
Job Type
Contract

Mandatory 
• Comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications.
• Proficiency in Network (TCP/IP) Engineering and secure network design.
• Expert level in at least two of the following areas and a high level of experience in several of the other areas:
• Security Incidents Event Management products (SIEM) – e.g. ArcSight, Splunk.
• Network Based Intrusion Detection Systems (NIDS) – e.g. SourceFire. 
• Full Packet Capture systems – e.g. Niksun, RSA/NetWitness.
• Host Based Intrusion Detection Systems (HIDS).
• Configuration, operation, troubleshooting and management (i.e. Tools Specialist) of security tools and appliances.
• A variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances).
• Computer forensics tools (stand alone, online and network).
• Experience in writing scripts to automate repetitive tasks.
• Experience in office communication and information systems.

Desirable
• Proficiency in Intrusion/Incident Detection and Handling.
• Have one or more professional SANS certifications.

Duties/Role: 
This contractor will fill the cyber security event analyst position required for networks in NATO Cyber Security Centre’s Area of Responsibility including RSM (Resolute Support Mission).

Mandatory
• Perform analysis of security events and support First Line Security Event Analysts.
• Perform ticket reviews. 
• Retrieval and support in the analysis of Full Packet Captures (FPC).
• Signature creation e.g. SNORT rules.
• Test and evaluation of signatures and rules prior to deployment in the operational environment.
• Evaluation and implementation of sensor tuning requests.
• Creation and updating of Standard Operating Procedures (SOPs) and Security Policies.
• Contribute to the proper configuration of Afghan Mission Network (AMN).
• Provide, as requested, technical support to forensics investigations.
• Ad-hoc tasking from the Monitoring Detection Section (MDS) in support of investigations.
• Write scripts to automate repetitive tasks and have knowledge to interact with APIs.

Desirable
• Conduct and direct technical aspects of trend and threat analysis in order to optimise sensors and to propose modifications to audit policies to NATO security authorities.
• Analyse and interpret advisories from national and non-government CERTs for their relevance to NATO CIS and the development of associated signatures and event correlation.
• Conduct online research, such as developing new methods of detecting and monitoring new threats, keeping abreast of developments in the cyber arena.
• Review and refine the event analysis processes in order to optimise sensor configuration and correlation capabilities.
