First Line Security Event Analyst (FLSEA)


Premium Job From LA International Computer Consultants Ltd

Recruiter

LA International Computer Consultants Ltd

Listed on

18th February 2020

Location

Mons

Salary/Rate

£67 - £76

Type

Contract

Start Date

01/05/2020

Main responsibilities:

*Conduct research and assessments of security events within NATO Cyber Security Centre (NCSC) team

*Provide analysis of firewall, IDS, anti-virus and other network sensor produced events and present findings

*Appropriately leverage the comprehensive extended toolset (e.g. Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices etc.) for enhancing investigations

*Support the end-to-end Incident Handling process

*Propose optimisations and enhancements which help to both maintain and improve NATO's Cyber Security posture

Skills and Experience

A university degree in a technical subject with a focus on Information Technology (IT), obtained from a nationally recognised/certified institution, in addition to a minimum of 1 year of experience in the field of cyber security analysis. The lack of a degree may be compensated by at least 3 years of relevant experience in the field of cyber security analysis. Similarly, candidates lacking experience can compensate by demonstrating a high level of knowledge in the field of cybersecurity.

Mandatory

*Comprehensive knowledge of the principles of computer and communications security including knowledge of TCP/IP networking, Windows and Linux operating systems

*Broad understanding of common network security threats and mitigation techniques

*Experience in the following:

*Security Information and Event Management products (SIEM) - e.g. ArcSight, Splunk

*Analysis of Network Based Intrusion Detection Systems (NIDS) events - e.g. SourceFire, Palo Alto Network Threat Prevention

*Log analysis from a variety of sources (e.g. Firewalls, Proxies, Routers, DNS and other security appliances)

*Network traffic capture analysis using Wireshark

*Logical approach to analysis and ability to perform structured security investigations using large, complex data sets

*Good written and spoken communication skills

*Ability to work independently and as part of a team

Desirable

*Holding industry leading certification in the area of cyber security such as GCIA, GNFA, GCIH

*Computer Incident Response Centre (CIRT), Computer Emergency Response Team (CERT)

*Proficiency in Intrusion/Incident Detection and Handling
