Forensics / Malware Analysis Senior Tool Engineer (NATO NCIA)

Mons, Belgium, Sapienza Consulting [AAS4840]

Field(s) of expertise: Cyber Security, Information Technology
Job type: Contract, Temporary
Education: Bachelor
Deadline: Closed

About this job

Sapienza Consulting is recruiting a Forensics / Malware Analysis Senior Tool Engineer to work at NCIA in Mons, Belgium.

Responsibilities

As Forensics / Malware Analysis (MA) Senior Tool Engineer, the incumbent will be responsible for supporting Cyber Defence operations by maintaining, updating and improving the tools' configuration to match the threat environment, specifically for Forensics and Malware Analysis activities. The Forensics / MA Senior Tool Engineer will report to the Head, Security Tools Management Section, and will collaborate with the engineers from the Incident Analysis and Response Section, as the users of the tools, and with the staff from the Platform and Infrastructure Management Section for platform support. The main duties will be to tune the security tools for optimum performance, ensuring that all NCIRC specialist applications that permit computer forensics and malware analysis are installed, configured, fully available and integrated with each other where possible.

Main responsibilities:

  • Install, configure and administer Cyber Defence associated specialist tools:
      • Online Computer Forensics (OCF), namely AccessData Enterprise, Fidelis Endpoint and OpenText EnCase Enterprise.
      • Malware Analysis, namely Cuckoo and OPSWAT Metascan.
  • Ensure that all NCIRC specialist applications related to online computer forensics tools and malware analysis are installed, configured, monitored and running properly, in line with their dependencies on other systems or applications, according to NCSC needs.
  • Develop scripts and code to facilitate the integration of the different tools.
  • Proactively recommend optimizations to capabilities to provide effective and efficient service operations.
  • Work out implementation plans for new capabilities and take ownership to ensure rapid implementation of those new tools and optimizations. Initiate, prepare, follow and defend the specialist application upgrades in front of the Change Management Board. Implement the approved changes.
  • Review security documentation and provide technical advice in the Forensics and MA area, when requested. Maintain awareness of new technologies and developments, industry standards and best practices within the NCSC community for Forensics / MA tools, participating in knowledge sharing with other analysts and developing solutions efficiently.
  • Perform other essential duties as assigned, such as the production of technical reports and/or executive-level reports.

Profile

  • Essential: a Bachelor's Degree in Computer Science combined with a minimum of 5 years' experience as a System or Security Engineer or in a similar position, or a secondary education and completed advanced vocational education (leading to a professional qualification or professional accreditation) with 8 years of post-related experience.
  • Excellent practical hands-on experience in systems and tools administration (Windows/Linux).
  • Troubleshooting of Linux and Windows infrastructures and network filtering issues.
  • Software engineering, including programming and/or scripting knowledge (Python, shell scripting, PowerShell).
  • Understanding of forensic processes and concepts.
  • Understanding of Malware Analysis processes, tools and techniques.
  • Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
  • In-depth knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
  • Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams.
  • Must hold a NATO Secret Security Clearance.
  • Candidate must be eligible in EU countries.

Desirable:

  • Experience with system instrumentation solutions such as Ansible, Chef, …
  • Experience with hands-on pentesting or cyber capture the flag (CTF) challenges.
  • Practical experience with forensic analysis, threat hunting, malware analysis, …
  • Industry-leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC.
  • A solid understanding of Information Security practices relating to the Confidentiality, Integrity and Availability of information (CIA triad).
  • Prior experience of working in an international environment comprising both military and civilian elements.

For information on how the personal data in your application is processed, please see the Sapienza Consulting Privacy Policy.