Teaching Assistant
Posted on :
16-04-2024
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Req ID : 2410912
Second Line Security Event Analyst (SLSEA)
- Working Location: Mons, Belgium
- Security Clearance: NATO Secret
- Language: High proficiency level in English language
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
University degree from a nationally recognised/certified University in a technical subject with substantial Information Technology (IT) content and 4 years of specific Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidates particular abilities or experience that is/are of interest to NCI Agency; that is, at least 7 years extensive and progressive expertise in the duties related to the function of the post
Expert level in at least three of the following areas and a high level of experience in several of the other areas:
Security Incidents Event Management products (SIEM) Splunk
Network Based Intrusion Detection Systems (NIDS) SourceFire, Palo Alto Network Threat Prevention
Host Based Intrusion Detection Systems (HIDS)
Full Packet Capture systems Niksun, RSA/NetWitness
A variety of Security Event generating sources ( Firewalls, IDS, Routers, Security Appliances)
Computer incident response centre (CIRT), computer emergency response team (CERT)
Cloud-specific security tools
Splunk ES suite and Phantom SOAR
Proficiency in Intrusion/Incident Detection and Handling
Comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications
Solid knowledge and experience in Splunk Enterprise Security Exceptionally this requirement can be compensated with proven level of expertise in network analysis and threat hunting
Desirable Qualifications/Experience:
Industry leading certification in the area of Cybersecurity, such as GCIA, GNFA, GCIH
A good understanding of Security, Orchestrations, Automationand Response (SOAR) concepts and their benefits to the protection of CIS infrastructures
A solid understanding of Information Security Practices relating to the Confidentiality, Integrity and Availability of information (CIA triad)
Solid knowledge and experience in threat hunting in corporate/government level environment
Strong knowledge of malware families and network attack vectors
Knowledge and experience in analysis of various threat actor groups, attack patterns and tactics, techniques, and procedures (TTPs), deep analysis of threats across the enterprise by combining security rules, content, policy and relevant datasets
Ability to analyse attack vectors against a particular system to determine attack surface
Ability to produce contextual attack models applied to a scenario
Hands on experience on monitoring cloud services
DUTIES/ROLE:
Conduct detailed investigation and research of security events within NATO Cyber Security Centre (NCSC) team
Analyse firewall, IDS, anti-virus and other sensor-produced system security events and present findings
Provide detailed technical reports in support of incidents and capability improvements
Share security event/incident information with stakeholders via presentations and technical reports
Appropriately leverage the comprehensive extended toolset ( Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices ) to identify malicious Be able to recommend improvements to enable enhancing investigations
Propose possible optimisations and enhancements which help to maintain and improve NATOs Cyber Security posture
Implement and support threat hunting activities; create use cases and technical reports when requested
Analyse intelligence information gathered from internal and external threat intelligence resources
Identify security gaps in NATO infrastructure and develop custom content utilising available toolset
Provide expert investigative support of large scale and complex security incidents
Expert level in at least three of the following areas and a high level of experience in several of the other areas:
Security Incidents Event Management products (SIEM) Splunk
Network Based Intrusion Detection Systems (NIDS) SourceFire, Palo Alto Network Threat Prevention
Host Based Intrusion Detection Systems (HIDS)
Full Packet Capture systems Niksun, RSA/NetWitness
A variety of Security Event generating sources ( Firewalls, IDS, Routers, Security Appliances)
Computer incident response centre (CIRT), computer emergency response team (CERT)
Cloud-specific security tools
Splunk ES suite and Phantom SOAR
Proficiency in Intrusion/Incident Detection and Handling
Comprehensive knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications
Solid knowledge and experience in Splunk Enterprise Security Exceptionally this requirement can be compensated with proven level of expertise in network analysis and threat hunting
Desirable Qualifications/Experience:
Industry leading certification in the area of Cybersecurity, such as GCIA, GNFA, GCIH
A good understanding of Security, Orchestrations, Automationand Response (SOAR) concepts and their benefits to the protection of CIS infrastructures
A solid understanding of Information Security Practices relating to the Confidentiality, Integrity and Availability of information (CIA triad)
Solid knowledge and experience in threat hunting in corporate/government level environment
Strong knowledge of malware families and network attack vectors
Knowledge and experience in analysis of various threat actor groups, attack patterns and tactics, techniques, and procedures (TTPs), deep analysis of threats across the enterprise by combining security rules, content, policy and relevant datasets
Ability to analyse attack vectors against a particular system to determine attack surface
Ability to produce contextual attack models applied to a scenario
Hands on experience on monitoring cloud services
DUTIES/ROLE:
Conduct detailed investigation and research of security events within NATO Cyber Security Centre (NCSC) team
Analyse firewall, IDS, anti-virus and other sensor-produced system security events and present findings
Provide detailed technical reports in support of incidents and capability improvements
Share security event/incident information with stakeholders via presentations and technical reports
Appropriately leverage the comprehensive extended toolset ( Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices ) to identify malicious Be able to recommend improvements to enable enhancing investigations
Propose possible optimisations and enhancements which help to maintain and improve NATOs Cyber Security posture
Implement and support threat hunting activities; create use cases and technical reports when requested
Analyse intelligence information gathered from internal and external threat intelligence resources
Identify security gaps in NATO infrastructure and develop custom content utilising available toolset
Provide expert investigative support of large scale and complex security incidents
Employment Type
Full Time
Company Industry
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
