Cyber Security Engineer

Ref Number

1352

Type

Permanent

Location

Mons, Belgium

Clearance

SC / NATO

Salary

Competitive

The successful candidate will be required to use their expert knowledge of SOC technologies to support, maintain, troubleshoot and tune the security devices, working in conjunction with other cyber security specialists as an integral part of a wider system implementation within the SOC.

You will be responsible for working with the Security Event Analysts to help tune the security tools for optimum performance, and for ensuring that all specialist applications, such as event correlation (and its associated remote data collection feeds), network discovery, network traffic pattern/flow analysis, mail content checking, extrusion detection and online computer forensics tools, are installed, configured and operational.

This role will include configuration and administration of a range of cyber defence specialist tools, primarily focussed on Network Intrusion Prevention Systems (NIPS) and Full Packet Capture (FPC). Successful candidates may become involved in the investigation into security events to establish whether these are expected tool behaviours, benign events or a security threat.

Role Requirements

Responsibilities

Provide engineering guidance to support all security devices within the SOC.

Develop all systems and architecture of the SOC.

Participate in the integration, build and deployment of client SOC services.

Ensure that relationships with clients’ Networking teams are built and sustained to deliver a seamless integrated service.

Share knowledge with CIRT and SOC Analyst teams.

Document all procedures and processes.

Be an ArcSight SIEM SME.

Essential Skills

Deep understanding of ArcSight is essential.

Experience of maintaining a secure enterprise network through configuring and managing typical Security Enforcing Devices, such as Firewalls, Proxies, IDS/IPS devices, HIDS/EPO. Knowledge of Sourcefire/Snort.

A sound knowledge of IT security procedures, common attack types and detection / prevention methods.

Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.

In-depth experience of other common network devices, such as routers, switches and hubs.

Good understanding of application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, ARP).

Experienced with integrating existing IT infrastructures into the ArcSight SIEM / SOC solution, from inception through to support.

Understanding of various SOC standards and reporting requirements, such as GPG13.

Experience implementing SOC reporting and governance.

Experience with SOC automation and workflow products such as Archer GRC.

Would you like to be considered for this role?