Senior Security Operations Centre Analyst
This job has now expired; please search on the home page to find live IT jobs.
Competitive Salary
Long Term Contract
Belgium
Good English language skills mandatory
Skills & Experience:
-SOC Analyst and/or first line incident responder
-Risk assessment methodologies: EBIOS, CRAMM, PILAR or equivalent
-STIX (Structured Threat Information Expression), with a particular focus on the following related standards:
  -CybOX (Cyber Observable eXpression: observables such as file hashes, IPs, domains)
  -CAPEC (Common Attack Pattern Enumeration and Classification: attack patterns)
  -MAEC (Malware Attribute Enumeration and Characterization: malware behaviour and artefacts)
  -TAXII (Trusted Automated eXchange of Indicator Information: the transport for sharing STIX content)
-Networking (TCP/IP, SNMP, DNS, Syslog-ng, etc.)
-Experience in using, configuring and tuning a SIEM
-Knowledge of network security solutions/technologies: firewalls, network IDS and IPS, switches and routers, APT detection solutions such as FireEye, DNS, DHCP, VPN; network forensics (full packet capture) and traffic baselining analysis
-Knowledge of host-based security solutions: HIPS, endpoint malware protection, OS logs
-Strong knowledge of Windows security event analysis
-Strong knowledge of the security analysis of firewall, proxy and IDS logs
-Writing and optimizing IDS signatures (preferably Snort and/or Suricata)
-Strong knowledge of the security analysis of application and middleware logs (Oracle, Apache, WebLogic)
-Writing and optimizing YARA rules
Tools:
-SIEM (ArcSight ESM 6.x, QRadar or equivalent)
-Log management solution (ArcSight Logger and/or QRadar and/or Splunk, or equivalent)
-Snort or Sourcefire NGIPS, FireSIGHT
-Suricata/Stamus Networks
-ELK (Elasticsearch, Logstash & Kibana)
-FireEye EX, NX, AX, FX, HX, IX
-Check Point and Juniper firewalls
-Blue Coat proxies
Education/Certificates:
At least one certification in the field of incident handling:
-GCIH (GIAC Certified Incident Handler)
-GCIA (GIAC Certified Intrusion Analyst)
-ECIH (EC-Council Certified Incident Handler)
-CSIH (SEI Certified Computer Security Incident Handler)
-SCPO (SABSA Certified Security Operations & Service Management Practitioner)
Ref no: 321254-SEN-SECURE-OP-CA