First Line Security Event Analyst (FLSEA) 6
- Working Location: Mons, Belgium
- Security Clearance : NATO Secret
- Language: High proficiency level in English language
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
· A university degree in a technical subject with a focus on Information Technology (IT), obtained from a nationally recognised/certified institution in addition to a minimum of 1 year experience in the field of cyber security analysis. The lack of a degree may be compensated by at least 3 years of relevant experience in field of cyber security analysis. Similarly, candidate's lacking experience can compensate by demonstrating a high level of knowledge in the field of cybersecurity
· Comprehensive knowledge of the principles of computer and communications security including knowledge of TCP/IP networking, Windows and Linux operating systems
· Broad understanding of common network security threats and mitigation techniques
· Experience in the following:
· Security Information and Event Management products (SIEM) – e.g. ArcSight, Splunk
· Analysis of Network Based Intrusion Detection Systems (NIDS) events– e.g. SourceFire, Palo Alto Network Threat Prevention
· Log analysis from a variety of sources (e.g. Firewalls, Proxies, Routers, DNS and other security appliances)
· Network traffic capture analysis using Wireshark
· Logical approach to analysis and ability to perform structured security investigations using large, complex data sets
Desirable Qualifications/Experience:
· Holding industry leading certification in the area of cyber security such as GCIA, GNFA, GCIH
· Computer Incident Response Centre (CIRT), Computer Emergency Response Team (CERT)
· Proficiency in Intrusion/Incident Detection and Handling
· Experience in the following areas:
ü Full Packet Capture systems – e.g. Niksun, RSA/NetWitness Host Based Intrusion Detection Systems (HIDS)
ü Computer security tools (Vulnerability Assessment, Anti-virus, Protocol Analysis, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.)
ü Computer forensics tools (stand alone, online and network) Military communication systems and networks
DUTIES/ROLE:
· Conduct research and assessments of security events within NATO Cyber Security Centre (NCSC)team
· Provide analysis of firewall, IDS, anti-virus and other network sensor produced events and present findings
· Appropriately leverage the comprehensive extended toolset (e.g. Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices etc.) for enhancing investigations
· Support the end-to-end Incident Handling process
· Propose optimisations and enhancements which help to both maintain and improve NATO's Cyber Security posture
· Comprehensive knowledge of the principles of computer and communications security including knowledge of TCP/IP networking, Windows and Linux operating systems
· Broad understanding of common network security threats and mitigation techniques
· Experience in the following:
· Security Information and Event Management products (SIEM) – e.g. ArcSight, Splunk
· Analysis of Network Based Intrusion Detection Systems (NIDS) events– e.g. SourceFire, Palo Alto Network Threat Prevention
· Log analysis from a variety of sources (e.g. Firewalls, Proxies, Routers, DNS and other security appliances)
· Network traffic capture analysis using Wireshark
· Logical approach to analysis and ability to perform structured security investigations using large, complex data sets
Desirable Qualifications/Experience:
· Holding industry leading certification in the area of cyber security such as GCIA, GNFA, GCIH
· Computer Incident Response Centre (CIRT), Computer Emergency Response Team (CERT)
· Proficiency in Intrusion/Incident Detection and Handling
· Experience in the following areas:
ü Full Packet Capture systems – e.g. Niksun, RSA/NetWitness Host Based Intrusion Detection Systems (HIDS)
ü Computer security tools (Vulnerability Assessment, Anti-virus, Protocol Analysis, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.)
ü Computer forensics tools (stand alone, online and network) Military communication systems and networks
DUTIES/ROLE:
· Conduct research and assessments of security events within NATO Cyber Security Centre (NCSC)team
· Provide analysis of firewall, IDS, anti-virus and other network sensor produced events and present findings
· Appropriately leverage the comprehensive extended toolset (e.g. Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices etc.) for enhancing investigations
· Support the end-to-end Incident Handling process
· Propose optimisations and enhancements which help to both maintain and improve NATO's Cyber Security posture
$ads={2}
$ads={1}