
Cyber Security Event Analyst (NATO – NCIA)

Mons, Belgium, Sapienza Consulting [AAS-SC2020/001419]

Field(s) of expertise
Cyber Security
Job type
Contract
Education
Diploma
Deadline
Closed

About this job

Sapienza Consulting is recruiting a Cyber Security Event Analyst to work at NCIA in Mons, Belgium.

Responsibilities

  • Perform analysis of security events and support First Line Security Event Analysts.
  • Perform ticket reviews.
  • Retrieval and support in the analysis of Full Packet Captures (FPC).
  • Signature creation e.g. SNORT rules.
  • Test and evaluation of signatures and rules prior to deployment in operational environment.
  • Evaluation and implementation of sensor tuning requests.
  • Creation and updating of Standard Operating Procedures (SOPs) and Security Policies.
  • Contribute to the proper configuration of the Afghan Mission Network (AMN).
  • Provide, as requested, technical support to forensics investigations.
  • Ad-hoc tasking from the Monitoring Detection Section (MDS) in support of investigations.
  • Write scripts to automate repetitive tasks and have knowledge to interact with APIs.
  • Conduct and direct technical aspects of trend and threat analysis in order to optimise sensors and to propose modifications to audit policies to NATO security authorities.
  • Analyse and interpret advisories from national and non-government CERTs for their relevance to NATO CIS and development of associated signatures and event correlation.
  • Conduct online research, such as developing new methods of detecting and monitoring new threats, keeping abreast of developments in the cyber arena.
  • Review and refine the event analysis processes in order to optimise sensor configuration and correlation capabilities.

Profile

  • Required Security Clearance: NATO Secret
  • Comprehensive knowledge of principles of computer and communications security, networking, and vulnerabilities of modern operating systems and applications.
  • Proficiency in Network (TCP/IP) Engineering and secure network design.
  • Expert level in at least two of the following areas and a high level of experience in several of the other areas:
  • Security Incidents Event Management products (SIEM) – e.g. ArcSight, Splunk.
  • Network Based Intrusion Detection Systems (NIDS) – e.g.
  • Full Packet Capture systems – e.g. Niksun, RSA/NetWitness.
  • Host Based Intrusion Detection Systems (HIDS).
  • Configuration, operation, troubleshooting and management (i.e. Tools Specialist) of security tools and appliances.
  • Variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances).
  • Computer forensics tools (stand alone, online and network).
  • Experience in writing scripts to automate repetitive tasks.
  • Experience in office communication and information systems.

Desirable

  • Proficiency in Intrusion / Incident Detection and Handling
  • Have one or more professional SANS certifications

Candidates must be eligible to work in the EU

For information on how we process the personal data in your application, please see the Sapienza Privacy Statement here.

For information on how the personal data in your application is processed, please see the Sapienza Consulting Privacy Policy.