Teaching Assistant
نُشرت في :
16-04-2024
صاحب العمل نشط
1 وظيفة شاغرة
حالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيValid email field required
أرسل الوظائف
حالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيValid email field required
أرسل الوظائف
الوصف الوظيفي
رقم الوظيفة : 2410912
Second Line Security Event Analyst (SLSEA)
- Working Location: Mons, Belgium
- Security Clearance: NATO Secret
- Language: High proficiency level in English language
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
University degree from a nationally recognised/certified University in a technical subject with substantial Information Technology (IT) content and 4 years of specific Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidates particular abilities or experience that is/are of interest to NCI Agency; that is, at least 7 years extensive and progressive expertise in the duties related to the function of the post
Expert level in at least three of the following areas and a high level of experience in several of the other areas:
Security Incidents Event Management products (SIEM) Splunk
Network Based Intrusion Detection Systems (NIDS) SourceFire, Palo Alto Network Threat Prevention
Host Based Intrusion Detection Systems (HIDS)
Full Packet Capture systems Niksun, RSA/NetWitness
A variety of Security Event generating sources ( Firewalls, IDS, Routers, Security Appliances)
Computer incident response centre (CIRT), computer emergency response team (CERT)
Cloud-specific security tools
Splunk ES suite and Phantom SOAR
Proficiency in Intrusion/Incident Detection and Handling
Comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications
Solid knowledge and experience in Splunk Enterprise Security Exceptionally this requirement can be compensated with proven level of expertise in network analysis and threat hunting
Desirable Qualifications/Experience:
Industry leading certification in the area of Cybersecurity, such as GCIA, GNFA, GCIH
A good understanding of Security, Orchestrations, Automationand Response (SOAR) concepts and their benefits to the protection of CIS infrastructures
A solid understanding of Information Security Practices relating to the Confidentiality, Integrity and Availability of information (CIA triad)
Solid knowledge and experience in threat hunting in corporate/government level environment
Strong knowledge of malware families and network attack vectors
Knowledge and experience in analysis of various threat actor groups, attack patterns and tactics, techniques, and procedures (TTPs), deep analysis of threats across the enterprise by combining security rules, content, policy and relevant datasets
Ability to analyse attack vectors against a particular system to determine attack surface
Ability to produce contextual attack models applied to a scenario
Hands on experience on monitoring cloud services
DUTIES/ROLE:
Conduct detailed investigation and research of security events within NATO Cyber Security Centre (NCSC) team
Analyse firewall, IDS, anti-virus and other sensor-produced system security events and present findings
Provide detailed technical reports in support of incidents and capability improvements
Share security event/incident information with stakeholders via presentations and technical reports
Appropriately leverage the comprehensive extended toolset ( Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices ) to identify malicious Be able to recommend improvements to enable enhancing investigations
Propose possible optimisations and enhancements which help to maintain and improve NATOs Cyber Security posture
Implement and support threat hunting activities; create use cases and technical reports when requested
Analyse intelligence information gathered from internal and external threat intelligence resources
Identify security gaps in NATO infrastructure and develop custom content utilising available toolset
Provide expert investigative support of large scale and complex security incidents
Expert level in at least three of the following areas and a high level of experience in several of the other areas:
Security Incidents Event Management products (SIEM) Splunk
Network Based Intrusion Detection Systems (NIDS) SourceFire, Palo Alto Network Threat Prevention
Host Based Intrusion Detection Systems (HIDS)
Full Packet Capture systems Niksun, RSA/NetWitness
A variety of Security Event generating sources ( Firewalls, IDS, Routers, Security Appliances)
Computer incident response centre (CIRT), computer emergency response team (CERT)
Cloud-specific security tools
Splunk ES suite and Phantom SOAR
Proficiency in Intrusion/Incident Detection and Handling
Comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications
Solid knowledge and experience in Splunk Enterprise Security Exceptionally this requirement can be compensated with proven level of expertise in network analysis and threat hunting
Desirable Qualifications/Experience:
Industry leading certification in the area of Cybersecurity, such as GCIA, GNFA, GCIH
A good understanding of Security, Orchestrations, Automationand Response (SOAR) concepts and their benefits to the protection of CIS infrastructures
A solid understanding of Information Security Practices relating to the Confidentiality, Integrity and Availability of information (CIA triad)
Solid knowledge and experience in threat hunting in corporate/government level environment
Strong knowledge of malware families and network attack vectors
Knowledge and experience in analysis of various threat actor groups, attack patterns and tactics, techniques, and procedures (TTPs), deep analysis of threats across the enterprise by combining security rules, content, policy and relevant datasets
Ability to analyse attack vectors against a particular system to determine attack surface
Ability to produce contextual attack models applied to a scenario
Hands on experience on monitoring cloud services
DUTIES/ROLE:
Conduct detailed investigation and research of security events within NATO Cyber Security Centre (NCSC) team
Analyse firewall, IDS, anti-virus and other sensor-produced system security events and present findings
Provide detailed technical reports in support of incidents and capability improvements
Share security event/incident information with stakeholders via presentations and technical reports
Appropriately leverage the comprehensive extended toolset ( Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices ) to identify malicious Be able to recommend improvements to enable enhancing investigations
Propose possible optimisations and enhancements which help to maintain and improve NATOs Cyber Security posture
Implement and support threat hunting activities; create use cases and technical reports when requested
Analyse intelligence information gathered from internal and external threat intelligence resources
Identify security gaps in NATO infrastructure and develop custom content utilising available toolset
Provide expert investigative support of large scale and complex security incidents
نوع التوظيف
دوام كامل
المجال
المهارات المطلوبة
الإبلاغ عن هذه الوظيفة
إخلاء المسؤولية: د.جوب هو مجرد منصة تربط بين الباحثين عن عمل وأصحاب العمل. ننصح المتقدمين بإجراء بحث مستقل خاص بهم في أوراق اعتماد صاحب العمل المحتمل.
نحن نحرص على ألا يتم طلب أي مدفوعات مالية من قبل عملائنا، وبالتالي فإننا ننصح بعدم مشاركة أي معلومات شخصية أو متعلقة بالحسابات المصرفية مع أي طرف ثالث. إذا كنت تشك في وقوع أي احتيال أو سوء تصرف، فيرجى التواصل معنا من خلال تعبئة النموذج الموجود على الصفحة اتصل بنا
