C003333 First Line Security Event Analyst (FLSEA) 3 (NS) - FRI 3 May
Company: EMW
Location: Mons Wallonia
Source site: Talent BE
The analyst will collate information and present findings in a clear, structured format, providing remediation recommendations and first-line response where applicable.
- Conduct research and assessments of security events within the NATO Cyber Security Centre (NCSC) team
- Provide analysis of firewall, IDS, anti-virus and other network sensor produced events and present findings
- Appropriately leverage the comprehensive extended toolset (Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices etc.) for enhancing investigations
- Support the end-to-end Incident Handling process
- Propose optimisations and enhancements which help to both maintain and improve NATO's Cyber Security posture

Requirements

- NATO Secret security clearance
- A university degree in a technical subject with a focus on Information Technology (IT), obtained from a nationally recognised/certified institution, in addition to a minimum of 1 year of experience in the field of cyber security analysis. The lack of a degree may be compensated by at least 3 years of relevant experience in the field of cyber security analysis. Similarly, candidates lacking experience can compensate by demonstrating a high level of knowledge in the field of cybersecurity.
- Comprehensive knowledge of the principles of computer and communications security, including knowledge of TCP/IP networking, Windows and Linux operating systems
- Broad understanding of common network security threats and mitigation techniques
- Experience in the following:
  - Security Information and Event Management products (SIEM) – ArcSight, Splunk
  - Analysis of Network Based Intrusion Detection Systems (NIDS) events – SourceFire, Palo Alto Network Threat Prevention
  - Log analysis from a variety of sources (Firewalls, Proxies, Routers, DNS and other security appliances)
  - Network traffic capture analysis using Wireshark
- Logical approach to analysis and ability to perform structured security investigations using large, complex data sets
- Good written and spoken communication skills
- Ability to work independently and as part of a team

Desirable

- Holding industry-leading certification in the area of cyber security such as GCIA, GNFA, GCIH
- Computer Incident Response Centre (CIRT), Computer Emergency Response Team (CERT)
- Proficiency in Intrusion/Incident Detection and Handling
- Experience in the following areas:
  - Full Packet Capture systems – Niksun, RSA/NetWitness
  - Host Based Intrusion Detection Systems (HIDS)
  - Computer security tools (Vulnerability Assessment, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.)
  - Computer forensics tools (stand-alone, online and network)
  - Military communication systems and networks